SlideShare a Scribd company logo

Gpc case study_eng_0221

SALIH AHMED ISLAM
SALIH AHMED ISLAM

Cybersecurity

Business
1 of 5
Download to read offline
1 Case Study Genuine Parts Company Builds Cyber Resilience with ISACA® ’s CMMI® Cybermaturity Platform The Business Need Cybersecurity is the #1 corporate governance challenge today — yet 87% of C-Suite professionals and board members lack confidence in their company’s cybersecurity capabilities.1 Genuine Parts Company, a multi-billion dollar, global service organization with over 55,000 employees, wanted better insight and management of their cybersecurity risk and complex security requirements to demonstrate their cyber resilience and mitigate cybersecurity risk. Genuine Parts wanted to align their cybersecurity processes and maturity along a common assessment framework. They needed a powerful tool that could be readily customized, shared and tracked by their cybersecurity and compliance professionals. They also wanted to create a shared approach and framework to communicate with enterprise leaders. To accomplish this, Genuine Parts selected ISACA’s CMMI Cybermaturity Platform to conduct a cyber maturity self-assessment because it provided an evidence-based approach for assessing, optimizing and reporting on cyber capabilities and framework alignment, and was able to be completely customized for Genuine Parts’ unique requirements. What is the CMMI Cybermaturity Platform? The CMMI Cybermaturity Platform helps large enterprises manage enterprise cybersecurity resilience, readiness and board confidence, as cyber threats and security requirements continue to evolve. This first-ever cyber maturity platform provides enterprises with the evidence-based insights they need to mitigate cybersecurity risk and build cyber maturity. CISOs and CIOs can confidently measure, assess and report on cyber maturity across the enterprise, aligned with globally-accepted industry standards. Company Background Genuine Parts Company (NYSE: GPC), founded in 1928, is a service organization engaged in the distribution of automotive replacement parts, industrial replacement parts and materials, and business products. The company services tens of thousands of customers from more than 3,600 operations across the world and has approximately 55,000 employees. With over 92 years of distribution expertise, Genuine Parts’ commitment and reputation for just- in-time service position them as a critical partner in their customer’s success. For more information, go to genpt.com
2 The cloud-hosted CMMI Cybermaturity Platform offers: • An industry-leading, enterprise-level solution that can be administered in-house or by professional experts and tailored to the unique needs of your business • A risk-focused capability self-assessment that targets the areas most relevant to your enterprise • A risk-prioritized roadmap that helps you focus cyber investments on the threats that will have the greatest impact • Assessment findings that align with global, recognized standards, including NIST (CSF, SP 800-171), ISO/IEC (27001, 27002), Threat Kill Cycle, FFIEC and CMMC The Business Challenge Genuine Parts Company determined that its initial cyber maturity assessment needed to create a baseline against a common framework that aligns with NIST CSF and the ISO 27001 controls. They needed to assess multiple units, demonstrate maturity that was aligned with the NIST CSF, and specifically focus on demonstrating maturity performance in managing risk; not something compliance-based. Genuine Parts customized the CMMI Cybermaturity Platform to target these specific areas for improvement in their assessment. • Apply governance elements • Apply risk strategy • Implement risk management • Implement risk identification • Ensure access control management • Apply data security protection • Apply organizational training • Ensure trustworthy systems • Apply operational protection provisions • Apply protection planning • Apply protective technology provisions • Apply cybersecurity incident detection • Apply continuous monitoring • Apply incident response • Apply incident handling • Apply incident recovery “The CMMI Cybermaturity Platform has enabled us to establish a quantitative baseline measure for our security program maturity in a very cost effective manner. The ability to customize the solution to our specific risk profile was a key differentiator in our selection process.” Damian Apone Global Security Program Director Genuine Parts Company
3 The Solution The CMMI Cybermaturity Platform Enables Genuine Parts Company to Conduct an Actionable and Insightful Cyber Maturity Assessment Genuine Parts selected the CMMI Cybermaturity Platform because of its alignment with globally recognized standards, particularly the NIST Cyber Security Framework (CSF), as it is already an industry benchmark with risk-based controls. Additionally, its Informative References and alignments across the 20 CIS (Center for Internet Security® ) Cyber Security Controls, COBIT Controls, ISA–62443-2-1–2009 (Security for Industrial Automation and Control Systems), ISO/IEC 27001 INFOSEC Controls, and the federal controls NIST SP 800-53 Rev. 4 -1 provide additional utility. To succeed, Genuine Parts determined that their initial CMMI Cybermaturity Platform maturity assessment model be: • Digital • Risk-based • Provide a risk profile/map • Easy to use • Customizable • Self-paced • Align to the NIST Cyber Security Framework (CSF) • Align to the ISO 27001 Controls for ease of self-assessment and improvement • Produce a roadmap for improvement As Genuine Parts developed their customized risk profile, the descriptors for each frequency of occurrence values led to invaluable discussions among the Genuine Parts senior leaders. Without these definitions, calibrating their current state and then defining improvement goals would have been nearly impossible. In addition, using the CMMI Cybermaturity Platform Maturity Scorecard within each Practice Area Assessment allowed employees to review and understand the People, Process, and Technology (PPT) objective for each maturity level, and its relative ISO 27001 Informative Reference by Maturity Level. This view provided specific insights for measured vs. targeted maturity levels—an eye-opening experience and a rallying cry for achieving continuous improvement. The Maturity Scorecard allows you to measure the current cyber maturity levels of people, processes and technology across your organization. See results instantly on your company’s Risk Profile Matrix. (Note: screenshots reflect sample data and are not specific to Genuine Parts Company)
4 Key Performance Goals Achieved While the Genuine Parts Company Enterprise Security Team could not control the number of security incident tasks it received, it could control how it handled their resolution in a more efficient and timely manner. Since the CMMI Cybermaturity Platform self-assessment in January 2020, they have: • Reduced Mean Time to Task Resolution (MTTR) from nearly 24 days (23.9) over the previous three quarters to an average of 6.5 days for the first two quarters in 2020 • Decreased the range of Backlog Days for Tasks from as high as 117 days during the previous three quarters, to a low of six days for the first two quarters in 2020 Addressing Improvement Opportunities Genuine Parts Company is increasingly shifting to a risk-based approach to the use of controls and cybersecurity frameworks. This has changed its whole basis of reference when leaders speak to each other. In the past, leaders based their performance perceptions upon perceived internal and uncalibrated frameworks from former experiences. This would lead to biased and perhaps misaligned deployment with mixed results. Using the CMMI Cybermaturity Platform and its self-assessment feature, Genuine Parts now has a comprehensive, objective and usable roadmap that was validated by an additional 3rd party assessment. Part of Genuine Parts Company’s 2018–2019 Strategic Planning Process was the adoption and alignment to the NIST Cyber Security Framework and its Five Functions of Identify, Detect, Protect, Respond, and Recover. C-Suite buy-in was much easier since the CMMI Cybermaturity Platform had the benefit of not just being grounded in the use of the CMMI model, but the added bonus of its alignment to the NIST Cyber Security Framework, its Five Functions, their Categories and Subcategories and Informed References throughout the Practice Area Assessments and reports. The self-assessment feature offers a comprehensive, objective, and usable roadmap.
For more than 50 years, ISACA® (www.isaca.org) has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its 145,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. Lessons Learned Prior to Genuine Parts Company’s initial self-assessment using the platform, company leaders felt they were just spending money and making reactionary decisions for cybersecurity based upon preconceived, and often misaligned perceptions. Now, pulling from the NIST Cybersecurity Framework, its alignment to ISO 27001, Genuine Parts’ CMMI Cybermaturity Platform self-assessment and its validation by their 3rd party Cyber Maturity Assessment (CMA), Genuine Parts is now making risk-based cybersecurity decisions. Verifying data and spending the time needed to accurately determine Incident Pattern Prioritization can be immensely valuable: Genuine Parts found that they previously set higher maturity targets for themselves than were warranted. This realization helped them recalibrate their Risk Profile for some Potential Events and Vulnerabilities. Based on the feedback from the CMMI Cybermaturity Platform self-assessment, Genuine Parts is now preparing to launch an improvement program for the identified improvement projects to realize the benefits of their respective cybersecurity maturation. Learn more about the CMMI Cybermaturity Platform: www.isaca.org/cybermaturity “Key items that led to our selection of the CMMI Cybermaturity Platform include the mapping to multiple frameworks (e.g. NIST, ISO, etc.), along with the ability to customize the evaluation to our specific risk profile. Additionally the remediation roadmap functionality has helped us to identify what specifically we need to do to improve our maturity as well as helps us in prioritizing the efforts.” Damian Apone Global Security Program Director Genuine Parts Company ISACA’s CMMI enables organizations to elevate and benchmark performance across a range of critical business capabilities, including product development, service excellence, workforce management, data management, supplier management, and cybersecurity. For more than 25 years, thousands of high-performing organizations have achieved sustainable business success through CMMI adoption and demonstrated their ability as capable business partners and suppliers. © 2021 ISACA. All rights reserved. 1 2019 Official Annual Cybercrime Report from Cybersecurity Ventures and the ISACA State of Cybersecurity.

Recommended

CMMC Certification
CMMC CertificationCMMC Certification
CMMC CertificationControlCase
 
Nist.sp.800 37r2
Nist.sp.800 37r2Nist.sp.800 37r2
Nist.sp.800 37r2newbie2019
 
CMMC Breakdown
CMMC BreakdownCMMC Breakdown
CMMC BreakdownIgnyte Assurance Platform
 
GDPR
GDPRGDPR
GDPRRajivarnan R
 
Scott Hogg - Gtri cloud security knowledge and certs
Scott Hogg - Gtri cloud security knowledge and certsScott Hogg - Gtri cloud security knowledge and certs
Scott Hogg - Gtri cloud security knowledge and certsTrish McGinity, CCSK
 
DFARS & CMMC Overview
DFARS & CMMC Overview DFARS & CMMC Overview
DFARS & CMMC Overview Ignyte Assurance Platform
 
Corporate Cyber Program
Corporate Cyber ProgramCorporate Cyber Program
Corporate Cyber ProgramIgnyte Assurance Platform
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
 

Recommended

CMMC Certification
CMMC CertificationCMMC Certification
CMMC CertificationControlCase
 
Nist.sp.800 37r2
Nist.sp.800 37r2Nist.sp.800 37r2
Nist.sp.800 37r2newbie2019
 
CMMC Breakdown
CMMC BreakdownCMMC Breakdown
CMMC BreakdownIgnyte Assurance Platform
 
GDPR
GDPRGDPR
GDPRRajivarnan R
 
Scott Hogg - Gtri cloud security knowledge and certs
Scott Hogg - Gtri cloud security knowledge and certsScott Hogg - Gtri cloud security knowledge and certs
Scott Hogg - Gtri cloud security knowledge and certsTrish McGinity, CCSK
 
DFARS & CMMC Overview
DFARS & CMMC Overview DFARS & CMMC Overview
DFARS & CMMC Overview Ignyte Assurance Platform
 
Corporate Cyber Program
Corporate Cyber ProgramCorporate Cyber Program
Corporate Cyber ProgramIgnyte Assurance Platform
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
 
How I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance NightmareHow I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance NightmareIgnyte Assurance Platform
 
Securing the Supply Chain
Securing the Supply ChainSecuring the Supply Chain
Securing the Supply ChainIgnyte Assurance Platform
 
Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...
Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...
Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...Cohesive Networks
 
CMMC 2.0 I L1 & L2 Scoping Guidance Explained
CMMC 2.0 I L1 & L2 Scoping Guidance ExplainedCMMC 2.0 I L1 & L2 Scoping Guidance Explained
CMMC 2.0 I L1 & L2 Scoping Guidance ExplainedIgnyte Assurance Platform
 
CMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentCMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentInfosec
 
A Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachA Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachAnchises Moraes
 
Introduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkIntroduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkTuan Phan
 
Evolution of Security Management
Evolution of Security ManagementEvolution of Security Management
Evolution of Security ManagementChristophe Briguet
 
FedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceFedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceControlCase
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and CertificationControlCase
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSFDigital Bond
 
Does audit make us more secure
Does audit make us more secureDoes audit make us more secure
Does audit make us more secureEnterpriseGRC Solutions, Inc.
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudControlCase
 
NIST IT Standards for Local Governments 2010
NIST IT Standards for Local Governments 2010NIST IT Standards for Local Governments 2010
NIST IT Standards for Local Governments 2010Donald E. Hester
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standartnewbie2019
 
How to implement NIST cybersecurity standards in my organization
How to implement NIST cybersecurity standards in my organizationHow to implement NIST cybersecurity standards in my organization
How to implement NIST cybersecurity standards in my organizationExigent Technologies LLC
 
Educause+V4
Educause+V4Educause+V4
Educause+V4ecarrow
 
Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Phil Agcaoili
 
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2NetLockSmith
 
MCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance ServiceMCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance ServiceWilliam McBorrough
 
What is CIS Benchmark
What is CIS BenchmarkWhat is CIS Benchmark
What is CIS BenchmarkCIO Talk Network
 
Responsible Consumer Identity and Access Management (CIAM): Architecting High...
Responsible Consumer Identity and Access Management (CIAM): Architecting High...Responsible Consumer Identity and Access Management (CIAM): Architecting High...
Responsible Consumer Identity and Access Management (CIAM): Architecting High...Enterprise Management Associates
 

More Related Content

What's hot

How I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance NightmareHow I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance NightmareIgnyte Assurance Platform
 
Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...
Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...
Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...Cohesive Networks
 
CMMC 2.0 I L1 & L2 Scoping Guidance Explained
CMMC 2.0 I L1 & L2 Scoping Guidance ExplainedCMMC 2.0 I L1 & L2 Scoping Guidance Explained
CMMC 2.0 I L1 & L2 Scoping Guidance ExplainedIgnyte Assurance Platform
 
CMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentCMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentInfosec
 
A Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachA Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachAnchises Moraes
 
Introduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkIntroduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkTuan Phan
 
Evolution of Security Management
Evolution of Security ManagementEvolution of Security Management
Evolution of Security ManagementChristophe Briguet
 
FedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceFedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceControlCase
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and CertificationControlCase
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSFDigital Bond
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudControlCase
 
NIST IT Standards for Local Governments 2010
NIST IT Standards for Local Governments 2010NIST IT Standards for Local Governments 2010
NIST IT Standards for Local Governments 2010Donald E. Hester
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standartnewbie2019
 
How to implement NIST cybersecurity standards in my organization
How to implement NIST cybersecurity standards in my organizationHow to implement NIST cybersecurity standards in my organization
How to implement NIST cybersecurity standards in my organizationExigent Technologies LLC
 
Educause+V4
Educause+V4Educause+V4
Educause+V4ecarrow
 
Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Phil Agcaoili
 
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2NetLockSmith
 
MCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance ServiceMCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance ServiceWilliam McBorrough
 

What's hot (20)

How I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance NightmareHow I Woke Up from the CMMC Compliance Nightmare
How I Woke Up from the CMMC Compliance Nightmare
 
Securing the Supply Chain
Securing the Supply ChainSecuring the Supply Chain
Securing the Supply Chain
 
Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...
Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...
Protecting Vital Data With NIST Framework - Patrick Kerpan's Secure260 presen...
 
CMMC 2.0 I L1 & L2 Scoping Guidance Explained
CMMC 2.0 I L1 & L2 Scoping Guidance ExplainedCMMC 2.0 I L1 & L2 Scoping Guidance Explained
CMMC 2.0 I L1 & L2 Scoping Guidance Explained
 
CMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessmentCMMC case study: Inside a CMMC assessment
CMMC case study: Inside a CMMC assessment
 
A Case Study of the Capital One Data Breach
A Case Study of the Capital One Data BreachA Case Study of the Capital One Data Breach
A Case Study of the Capital One Data Breach
 
Introduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity FrameworkIntroduction to NIST Cybersecurity Framework
Introduction to NIST Cybersecurity Framework
 
Evolution of Security Management
Evolution of Security ManagementEvolution of Security Management
Evolution of Security Management
 
FedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP MarketplaceFedRAMP Certification & FedRAMP Marketplace
FedRAMP Certification & FedRAMP Marketplace
 
SOC 2 Compliance and Certification
SOC 2 Compliance and CertificationSOC 2 Compliance and Certification
SOC 2 Compliance and Certification
 
Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSF
 
Does audit make us more secure
Does audit make us more secureDoes audit make us more secure
Does audit make us more secure
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the Cloud
 
NIST IT Standards for Local Governments 2010
NIST IT Standards for Local Governments 2010NIST IT Standards for Local Governments 2010
NIST IT Standards for Local Governments 2010
 
Chapter 10 security standart
Chapter 10 security standartChapter 10 security standart
Chapter 10 security standart
 
How to implement NIST cybersecurity standards in my organization
How to implement NIST cybersecurity standards in my organizationHow to implement NIST cybersecurity standards in my organization
How to implement NIST cybersecurity standards in my organization
 
Educause+V4
Educause+V4Educause+V4
Educause+V4
 
Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6Intel Presentation from NIST Cybersecurity Framework Workshop 6
Intel Presentation from NIST Cybersecurity Framework Workshop 6
 
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2NIST presentation on RMF 2.0 / SP 800-37 rev. 2
NIST presentation on RMF 2.0 / SP 800-37 rev. 2
 
MCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance ServiceMCGlobalTech CMMC Managed Compliance Service
MCGlobalTech CMMC Managed Compliance Service
 

Similar to Gpc case study_eng_0221

Responsible Consumer Identity and Access Management (CIAM): Architecting High...
Responsible Consumer Identity and Access Management (CIAM): Architecting High...Responsible Consumer Identity and Access Management (CIAM): Architecting High...
Responsible Consumer Identity and Access Management (CIAM): Architecting High...Enterprise Management Associates
 
Ca siteminder
Ca siteminderCa siteminder
Ca siteminderRoger Xia
 
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...Symantec
 
Payment giant-automates-internal-audit
Payment giant-automates-internal-auditPayment giant-automates-internal-audit
Payment giant-automates-internal-auditMetricStream Inc
 
The Demystification of successful cybersecurity initiatives.
The Demystification of successful cybersecurity initiatives.The Demystification of successful cybersecurity initiatives.
The Demystification of successful cybersecurity initiatives.FitCEO, Inc. (FCI)
 
TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15
TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15
TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15FitCEO, Inc. (FCI)
 
Mike Schleif - Executive Biography
Mike Schleif - Executive BiographyMike Schleif - Executive Biography
Mike Schleif - Executive BiographyMike Schleif
 
Building a Security Operations Center (SOC).pdf
Building a Security Operations Center (SOC).pdfBuilding a Security Operations Center (SOC).pdf
Building a Security Operations Center (SOC).pdfTapOffice
 
How to Raise Cyber Risk Awareness and Management to the C-Suite
How to Raise Cyber Risk Awareness and Management to the C-SuiteHow to Raise Cyber Risk Awareness and Management to the C-Suite
How to Raise Cyber Risk Awareness and Management to the C-SuiteSurfWatch Labs
 
Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015Accounting_Whitepapers
 
Comodo SOC service provider
Comodo SOC service providerComodo SOC service provider
Comodo SOC service providerpaulharry03
 
Cyber-Security Certifications
Cyber-Security CertificationsCyber-Security Certifications
Cyber-Security CertificationsNithin Sai
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
MCGlobalTech Cyber Capability Statement
MCGlobalTech Cyber Capability Statement MCGlobalTech Cyber Capability Statement
MCGlobalTech Cyber Capability Statement William McBorrough
 
MCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalMCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalWilliam McBorrough
 
Iaetsd design and implementation of secure cloud systems using
Iaetsd design and implementation of secure cloud systems usingIaetsd design and implementation of secure cloud systems using
Iaetsd design and implementation of secure cloud systems usingIaetsd Iaetsd
 

Similar to Gpc case study_eng_0221 (20)

What is CIS Benchmark
What is CIS BenchmarkWhat is CIS Benchmark
What is CIS Benchmark
 
Responsible Consumer Identity and Access Management (CIAM): Architecting High...
Responsible Consumer Identity and Access Management (CIAM): Architecting High...Responsible Consumer Identity and Access Management (CIAM): Architecting High...
Responsible Consumer Identity and Access Management (CIAM): Architecting High...
 
Ca siteminder
Ca siteminderCa siteminder
Ca siteminder
 
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
IT Security at the Speed of Business: Security Provisioning with Symantec Dat...
 
Payment giant-automates-internal-audit
Payment giant-automates-internal-auditPayment giant-automates-internal-audit
Payment giant-automates-internal-audit
 
The Demystification of successful cybersecurity initiatives.
The Demystification of successful cybersecurity initiatives.The Demystification of successful cybersecurity initiatives.
The Demystification of successful cybersecurity initiatives.
 
TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15
TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15
TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15
 
SIEM
SIEMSIEM
SIEM
 
Mike Schleif - Executive Biography
Mike Schleif - Executive BiographyMike Schleif - Executive Biography
Mike Schleif - Executive Biography
 
Building a Security Operations Center (SOC).pdf
Building a Security Operations Center (SOC).pdfBuilding a Security Operations Center (SOC).pdf
Building a Security Operations Center (SOC).pdf
 
How to Raise Cyber Risk Awareness and Management to the C-Suite
How to Raise Cyber Risk Awareness and Management to the C-SuiteHow to Raise Cyber Risk Awareness and Management to the C-Suite
How to Raise Cyber Risk Awareness and Management to the C-Suite
 
Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015Cyber risk management-white-paper-v8 (2) 2015
Cyber risk management-white-paper-v8 (2) 2015
 
Comodo SOC service provider
Comodo SOC service providerComodo SOC service provider
Comodo SOC service provider
 
Introduction to CMMI
Introduction to CMMIIntroduction to CMMI
Introduction to CMMI
 
Cyber-Security Certifications
Cyber-Security CertificationsCyber-Security Certifications
Cyber-Security Certifications
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
MCGlobalTech Cyber Capability Statement
MCGlobalTech Cyber Capability Statement MCGlobalTech Cyber Capability Statement
MCGlobalTech Cyber Capability Statement
 
SIEM Buyer's Guide
SIEM Buyer's GuideSIEM Buyer's Guide
SIEM Buyer's Guide
 
MCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalMCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_Final
 
Iaetsd design and implementation of secure cloud systems using
Iaetsd design and implementation of secure cloud systems usingIaetsd design and implementation of secure cloud systems using
Iaetsd design and implementation of secure cloud systems using
 

More from SALIH AHMED ISLAM

8 moves to becoming an agile internal audit
8 moves to becoming an agile internal audit8 moves to becoming an agile internal audit
8 moves to becoming an agile internal auditSALIH AHMED ISLAM
 
7 musts to establish a strategic plan
7 musts to establish a strategic plan7 musts to establish a strategic plan
7 musts to establish a strategic planSALIH AHMED ISLAM
 
6 implications of internal audit
6 implications of internal audit6 implications of internal audit
6 implications of internal auditSALIH AHMED ISLAM
 
6 benefits of internal auditing
6 benefits of internal auditing6 benefits of internal auditing
6 benefits of internal auditingSALIH AHMED ISLAM
 
5 benefits of a whistleblower hotline
5 benefits of a whistleblower hotline5 benefits of a whistleblower hotline
5 benefits of a whistleblower hotlineSALIH AHMED ISLAM
 
5 critical tasks of Internal Audit
5 critical tasks of Internal Audit5 critical tasks of Internal Audit
5 critical tasks of Internal AuditSALIH AHMED ISLAM
 
What do internal auditors do?
What do internal auditors do?What do internal auditors do?
What do internal auditors do?SALIH AHMED ISLAM
 
CORRUPTION PERCEPTIONS INDEX 2020
CORRUPTION PERCEPTIONS INDEX 2020CORRUPTION PERCEPTIONS INDEX 2020
CORRUPTION PERCEPTIONS INDEX 2020SALIH AHMED ISLAM
 
Cpi 2020 - main -infographic
Cpi 2020 - main -infographicCpi 2020 - main -infographic
Cpi 2020 - main -infographicSALIH AHMED ISLAM
 
Cpi 2020-western-europe-and-european-union-infographic
Cpi 2020-western-europe-and-european-union-infographicCpi 2020-western-europe-and-european-union-infographic
Cpi 2020-western-europe-and-european-union-infographicSALIH AHMED ISLAM
 
Cpi 2020-sub-saharan-africa-infographic v2
Cpi 2020-sub-saharan-africa-infographic v2Cpi 2020-sub-saharan-africa-infographic v2
Cpi 2020-sub-saharan-africa-infographic v2SALIH AHMED ISLAM
 
Cpi 2020-middle-east-and-north-africa-infographic
Cpi 2020-middle-east-and-north-africa-infographicCpi 2020-middle-east-and-north-africa-infographic
Cpi 2020-middle-east-and-north-africa-infographicSALIH AHMED ISLAM
 
Cpi 2020-eastern-europe-and-central-asia-infographic
Cpi 2020-eastern-europe-and-central-asia-infographicCpi 2020-eastern-europe-and-central-asia-infographic
Cpi 2020-eastern-europe-and-central-asia-infographicSALIH AHMED ISLAM
 
Cpi 2020-asia-pacific-infographic
Cpi 2020-asia-pacific-infographicCpi 2020-asia-pacific-infographic
Cpi 2020-asia-pacific-infographicSALIH AHMED ISLAM
 
CPI 2020 - Americas - Info-graphic
CPI 2020 - Americas - Info-graphicCPI 2020 - Americas - Info-graphic
CPI 2020 - Americas - Info-graphicSALIH AHMED ISLAM
 

More from SALIH AHMED ISLAM (20)

10 advice for ia executives
10 advice for ia executives10 advice for ia executives
10 advice for ia executives
 
8 moves to becoming an agile internal audit
8 moves to becoming an agile internal audit8 moves to becoming an agile internal audit
8 moves to becoming an agile internal audit
 
7 musts to establish a strategic plan
7 musts to establish a strategic plan7 musts to establish a strategic plan
7 musts to establish a strategic plan
 
6 implications of internal audit
6 implications of internal audit6 implications of internal audit
6 implications of internal audit
 
6 benefits of internal auditing
6 benefits of internal auditing6 benefits of internal auditing
6 benefits of internal auditing
 
5 benefits of a whistleblower hotline
5 benefits of a whistleblower hotline5 benefits of a whistleblower hotline
5 benefits of a whistleblower hotline
 
What is risk management
What is risk managementWhat is risk management
What is risk management
 
5 critical tasks of Internal Audit
5 critical tasks of Internal Audit5 critical tasks of Internal Audit
5 critical tasks of Internal Audit
 
5 fraud tips
5 fraud tips5 fraud tips
5 fraud tips
 
What do internal auditors do?
What do internal auditors do?What do internal auditors do?
What do internal auditors do?
 
Code of Conduct
Code of ConductCode of Conduct
Code of Conduct
 
CORRUPTION PERCEPTIONS INDEX 2020
CORRUPTION PERCEPTIONS INDEX 2020CORRUPTION PERCEPTIONS INDEX 2020
CORRUPTION PERCEPTIONS INDEX 2020
 
Fraud awareness training
Fraud awareness trainingFraud awareness training
Fraud awareness training
 
Cpi 2020 - main -infographic
Cpi 2020 - main -infographicCpi 2020 - main -infographic
Cpi 2020 - main -infographic
 
Cpi 2020-western-europe-and-european-union-infographic
Cpi 2020-western-europe-and-european-union-infographicCpi 2020-western-europe-and-european-union-infographic
Cpi 2020-western-europe-and-european-union-infographic
 
Cpi 2020-sub-saharan-africa-infographic v2
Cpi 2020-sub-saharan-africa-infographic v2Cpi 2020-sub-saharan-africa-infographic v2
Cpi 2020-sub-saharan-africa-infographic v2
 
Cpi 2020-middle-east-and-north-africa-infographic
Cpi 2020-middle-east-and-north-africa-infographicCpi 2020-middle-east-and-north-africa-infographic
Cpi 2020-middle-east-and-north-africa-infographic
 
Cpi 2020-eastern-europe-and-central-asia-infographic
Cpi 2020-eastern-europe-and-central-asia-infographicCpi 2020-eastern-europe-and-central-asia-infographic
Cpi 2020-eastern-europe-and-central-asia-infographic
 
Cpi 2020-asia-pacific-infographic
Cpi 2020-asia-pacific-infographicCpi 2020-asia-pacific-infographic
Cpi 2020-asia-pacific-infographic
 
CPI 2020 - Americas - Info-graphic
CPI 2020 - Americas - Info-graphicCPI 2020 - Americas - Info-graphic
CPI 2020 - Americas - Info-graphic
 

Recently uploaded

/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc.../:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...lizamodels9
 
rishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfrishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfmuskan1121w
 
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service DewasVip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewasmakika9823
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...Paul Menig
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMRavindra Nath Shukla
 
Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis UsageNeil Kimberley
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessAggregage
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppelCorporation
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...lizamodels9
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Tina Ji
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Roomdivyansh0kumar0
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingShawn Pang
 

Recently uploaded (20)

/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc.../:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
/:Call Girls In Jaypee Siddharth - 5 Star Hotel New Delhi ➥9990211544 Top Esc...
 
rishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdfrishikeshgirls.in- Rishikesh call girl.pdf
rishikeshgirls.in- Rishikesh call girl.pdf
 
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service DewasVip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
Vip Dewas Call Girls #9907093804 Contact Number Escorts Service Dewas
 
7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...7.pdf This presentation captures many uses and the significance of the number...
7.pdf This presentation captures many uses and the significance of the number...
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
Monte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSMMonte Carlo simulation : Simulation using MCSM
Monte Carlo simulation : Simulation using MCSM
 
Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.Eni 2024 1Q Results - 24.04.24 business.
Eni 2024 1Q Results - 24.04.24 business.
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for Success
 
KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)KestrelPro Flyer Japan IT Week 2024 (English)
KestrelPro Flyer Japan IT Week 2024 (English)
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
Lowrate Call Girls In Sector 18 Noida ❤️8860477959 Escorts 100% Genuine Servi...
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
Russian Faridabad Call Girls(Badarpur) : ☎ 8168257667, @4999
 
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With RoomVIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
VIP Kolkata Call Girl Howrah 👉 8250192130 Available With Room
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
 

Gpc case study_eng_0221

  • 1. 1 Case Study Genuine Parts Company Builds Cyber Resilience with ISACA® ’s CMMI® Cybermaturity Platform The Business Need Cybersecurity is the #1 corporate governance challenge today — yet 87% of C-Suite professionals and board members lack confidence in their company’s cybersecurity capabilities.1 Genuine Parts Company, a multi-billion dollar, global service organization with over 55,000 employees, wanted better insight and management of their cybersecurity risk and complex security requirements to demonstrate their cyber resilience and mitigate cybersecurity risk. Genuine Parts wanted to align their cybersecurity processes and maturity along a common assessment framework. They needed a powerful tool that could be readily customized, shared and tracked by their cybersecurity and compliance professionals. They also wanted to create a shared approach and framework to communicate with enterprise leaders. To accomplish this, Genuine Parts selected ISACA’s CMMI Cybermaturity Platform to conduct a cyber maturity self-assessment because it provided an evidence-based approach for assessing, optimizing and reporting on cyber capabilities and framework alignment, and was able to be completely customized for Genuine Parts’ unique requirements. What is the CMMI Cybermaturity Platform? The CMMI Cybermaturity Platform helps large enterprises manage enterprise cybersecurity resilience, readiness and board confidence, as cyber threats and security requirements continue to evolve. This first-ever cyber maturity platform provides enterprises with the evidence-based insights they need to mitigate cybersecurity risk and build cyber maturity. CISOs and CIOs can confidently measure, assess and report on cyber maturity across the enterprise, aligned with globally-accepted industry standards. Company Background Genuine Parts Company (NYSE: GPC), founded in 1928, is a service organization engaged in the distribution of automotive replacement parts, industrial replacement parts and materials, and business products. The company services tens of thousands of customers from more than 3,600 operations across the world and has approximately 55,000 employees. With over 92 years of distribution expertise, Genuine Parts’ commitment and reputation for just- in-time service position them as a critical partner in their customer’s success. For more information, go to genpt.com
  • 2. 2 The cloud-hosted CMMI Cybermaturity Platform offers: • An industry-leading, enterprise-level solution that can be administered in-house or by professional experts and tailored to the unique needs of your business • A risk-focused capability self-assessment that targets the areas most relevant to your enterprise • A risk-prioritized roadmap that helps you focus cyber investments on the threats that will have the greatest impact • Assessment findings that align with global, recognized standards, including NIST (CSF, SP 800-171), ISO/IEC (27001, 27002), Threat Kill Cycle, FFIEC and CMMC The Business Challenge Genuine Parts Company determined that its initial cyber maturity assessment needed to create a baseline against a common framework that aligns with NIST CSF and the ISO 27001 controls. They needed to assess multiple units, demonstrate maturity that was aligned with the NIST CSF, and specifically focus on demonstrating maturity performance in managing risk; not something compliance-based. Genuine Parts customized the CMMI Cybermaturity Platform to target these specific areas for improvement in their assessment. • Apply governance elements • Apply risk strategy • Implement risk management • Implement risk identification • Ensure access control management • Apply data security protection • Apply organizational training • Ensure trustworthy systems • Apply operational protection provisions • Apply protection planning • Apply protective technology provisions • Apply cybersecurity incident detection • Apply continuous monitoring • Apply incident response • Apply incident handling • Apply incident recovery “The CMMI Cybermaturity Platform has enabled us to establish a quantitative baseline measure for our security program maturity in a very cost effective manner. The ability to customize the solution to our specific risk profile was a key differentiator in our selection process.” Damian Apone Global Security Program Director Genuine Parts Company
  • 3. 3 The Solution The CMMI Cybermaturity Platform Enables Genuine Parts Company to Conduct an Actionable and Insightful Cyber Maturity Assessment Genuine Parts selected the CMMI Cybermaturity Platform because of its alignment with globally recognized standards, particularly the NIST Cyber Security Framework (CSF), as it is already an industry benchmark with risk-based controls. Additionally, its Informative References and alignments across the 20 CIS (Center for Internet Security® ) Cyber Security Controls, COBIT Controls, ISA–62443-2-1–2009 (Security for Industrial Automation and Control Systems), ISO/IEC 27001 INFOSEC Controls, and the federal controls NIST SP 800-53 Rev. 4 -1 provide additional utility. To succeed, Genuine Parts determined that their initial CMMI Cybermaturity Platform maturity assessment model be: • Digital • Risk-based • Provide a risk profile/map • Easy to use • Customizable • Self-paced • Align to the NIST Cyber Security Framework (CSF) • Align to the ISO 27001 Controls for ease of self-assessment and improvement • Produce a roadmap for improvement As Genuine Parts developed their customized risk profile, the descriptors for each frequency of occurrence values led to invaluable discussions among the Genuine Parts senior leaders. Without these definitions, calibrating their current state and then defining improvement goals would have been nearly impossible. In addition, using the CMMI Cybermaturity Platform Maturity Scorecard within each Practice Area Assessment allowed employees to review and understand the People, Process, and Technology (PPT) objective for each maturity level, and its relative ISO 27001 Informative Reference by Maturity Level. This view provided specific insights for measured vs. targeted maturity levels—an eye-opening experience and a rallying cry for achieving continuous improvement. The Maturity Scorecard allows you to measure the current cyber maturity levels of people, processes and technology across your organization. See results instantly on your company’s Risk Profile Matrix. (Note: screenshots reflect sample data and are not specific to Genuine Parts Company)
  • 4. 4 Key Performance Goals Achieved While the Genuine Parts Company Enterprise Security Team could not control the number of security incident tasks it received, it could control how it handled their resolution in a more efficient and timely manner. Since the CMMI Cybermaturity Platform self-assessment in January 2020, they have: • Reduced Mean Time to Task Resolution (MTTR) from nearly 24 days (23.9) over the previous three quarters to an average of 6.5 days for the first two quarters in 2020 • Decreased the range of Backlog Days for Tasks from as high as 117 days during the previous three quarters, to a low of six days for the first two quarters in 2020 Addressing Improvement Opportunities Genuine Parts Company is increasingly shifting to a risk-based approach to the use of controls and cybersecurity frameworks. This has changed its whole basis of reference when leaders speak to each other. In the past, leaders based their performance perceptions upon perceived internal and uncalibrated frameworks from former experiences. This would lead to biased and perhaps misaligned deployment with mixed results. Using the CMMI Cybermaturity Platform and its self-assessment feature, Genuine Parts now has a comprehensive, objective and usable roadmap that was validated by an additional 3rd party assessment. Part of Genuine Parts Company’s 2018–2019 Strategic Planning Process was the adoption and alignment to the NIST Cyber Security Framework and its Five Functions of Identify, Detect, Protect, Respond, and Recover. C-Suite buy-in was much easier since the CMMI Cybermaturity Platform had the benefit of not just being grounded in the use of the CMMI model, but the added bonus of its alignment to the NIST Cyber Security Framework, its Five Functions, their Categories and Subcategories and Informed References throughout the Practice Area Assessments and reports. The self-assessment feature offers a comprehensive, objective, and usable roadmap.
  • 5. For more than 50 years, ISACA® (www.isaca.org) has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its 145,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. Lessons Learned Prior to Genuine Parts Company’s initial self-assessment using the platform, company leaders felt they were just spending money and making reactionary decisions for cybersecurity based upon preconceived, and often misaligned perceptions. Now, pulling from the NIST Cybersecurity Framework, its alignment to ISO 27001, Genuine Parts’ CMMI Cybermaturity Platform self-assessment and its validation by their 3rd party Cyber Maturity Assessment (CMA), Genuine Parts is now making risk-based cybersecurity decisions. Verifying data and spending the time needed to accurately determine Incident Pattern Prioritization can be immensely valuable: Genuine Parts found that they previously set higher maturity targets for themselves than were warranted. This realization helped them recalibrate their Risk Profile for some Potential Events and Vulnerabilities. Based on the feedback from the CMMI Cybermaturity Platform self-assessment, Genuine Parts is now preparing to launch an improvement program for the identified improvement projects to realize the benefits of their respective cybersecurity maturation. Learn more about the CMMI Cybermaturity Platform: www.isaca.org/cybermaturity “Key items that led to our selection of the CMMI Cybermaturity Platform include the mapping to multiple frameworks (e.g. NIST, ISO, etc.), along with the ability to customize the evaluation to our specific risk profile. Additionally the remediation roadmap functionality has helped us to identify what specifically we need to do to improve our maturity as well as helps us in prioritizing the efforts.” Damian Apone Global Security Program Director Genuine Parts Company ISACA’s CMMI enables organizations to elevate and benchmark performance across a range of critical business capabilities, including product development, service excellence, workforce management, data management, supplier management, and cybersecurity. For more than 25 years, thousands of high-performing organizations have achieved sustainable business success through CMMI adoption and demonstrated their ability as capable business partners and suppliers. © 2021 ISACA. All rights reserved. 1 2019 Official Annual Cybercrime Report from Cybersecurity Ventures and the ISACA State of Cybersecurity.