FORTUNE 500 CREDIT CARD, GLOBAL PAYMENTS, AND TECH COMPANY | IT SECURITY POLICY REVIEW AND SURGE CAPACITY

A multinational financial services company, specializing in payment systems and credit cards, engaged DarkTower to conduct a full review of IT Security policies and procedures.

1. REVIEW OF IT SECURITY POLICIES AND SURGE CAPABILITY

SITUATION

The client engaged DarkTower to conduct a review of the corporate IT Security policies and procedures, providing a resource surge plan to be able to rapidly scale based on the client’s IT Security needs.

SOLUTION

DarkTower conducted a full review of the client’s IT Security policies and procedures against the NIST framework as well as industry best practices. DarkTower also designed and implemented a Cyber Surge Team, allowing the client to rapidly deploy resources as needed to support time-sensitive projects and evolving cybersecurity needs.

RESULTS

The client strengthened their IT security posture through updated policies, procedures, and by implementing recommended best practices from DarkTower’s findings. The DarkTower Surge Team reduced resource onboarding time from 60 days to 48 hours from approval. This enabled the client to more effectively manage resourcing for critical projects and deliver on those previously in yellow or red status.

2. ASSISTING WITH A MIGRATION TO CLOUD BASED SAAS AND IAAS SERVICES

SITUATION

The client was transitioning to Cloud-based SaaS and IaaS services. As one of the largest card processors in the world, their organization routinely handles highly sensitive financial data. In addition, the organization was in the process of transitioning to Microsoft O365.

SOLUTION

DarkTower provided Security Engineering support for the O365 migration, including  comprehensive review and recommendations of O365 components. DarkTower’s consultants ensured information security requirements were effectively integrated into the cloud solution, while engineers assisted with defining best practices for secure configuration of the client’s information systems.  

RESULTS

Through ongoing consulting and Surge Team capacity, DarkTower enabled the client to implement their cloud-based service and continues to remain an integral part of the implementation, providing guidance and consulting services to the client’s team.

3. IDENTIFYING AND ASSISTING WITH IMPLEMENTING A GLOBAL VISITOR MANAGEMENT SYSTEM

SITUATION

The client was in the process of selecting a new global visitor management system designed to not only enhance their security posture, but create a positive digital experience for their visitors. The proposed solution replaced multiple existing Visitor Management Systems and manual processes, such as a physical log book and standalone tablet systems. It was essential for the system to provide a seamless workflow for pre-registering, registering, checking in, tracking, and checking out a visitor from a single global platform. The end goal was to provide a secure, frictionless visitor experience.

SOLUTION

DarkTower provided Security Engineering support for the vendor selection process including engineering support of a multi-location Proof of Concept with three vendors. Serving as the primary security engineers, DarkTower’s consultants were responsible for reviewing all vendor processes, infrastructure designs, and ensuring that the proposed solutions complied with the client’s security standards, while ensuring a frictionless visitor experience.

RESULTS

Through the DarkTower partnership, a vendor was selected and the project received funding for implementation. The system was successfully rolled out globally with all recommended security requirements in place.

4. THIRD PARTY VENDOR REVIEW

SITUATION

The client’s security team received numerous ongoing requests from various sources to assess security products and vendor capabilities. The volume of requests required a solution to efficiently research, track, and report assessments and vendor capabilities.

SOLUTION

DarkTower designed a vendor assessment tool with alignment to NIST 800-53 standards. In addition, a vendor assessment portal was developed to provide stakeholders visibility into assessment progress.

RESULTS

The vendor assessment system was successfully launched, processing an average of 50 assessments per month. Stakeholders now have the ability to utilize the self-serve system to review requests and receive status updates throughout the process.

5. ACTIVE DIRECTORY ASSESSMENT AND IMPLEMENTATION

SITUATION

The client was in need of a security engineering practitioner with expertise in implementing a new structure for Active Directory, and to ensure privileged account access was properly implemented.

SOLUTION

DarkTower identified a Subject Matter Expert to help manage, assess, and design a plan to implement a new structure for Active Directory and privileged account management.

RESULTS

The Active Directory Assessment was successfully completed, and DarkTower executed the transfer of ownership and operational responsibility of the Active Directory, as well as the overall infrastructure components, to the appropriate team in IT Security.


RELATED CASE STUDIES

READY TO GET STARTED?

READY TO GET STARTED?

STRENGTHEN YOUR DEFENSE

STRENGTHEN YOUR DEFENSE


Whether you need expertise in targeted intelligence, financial crime, cybersecurity, or need cyber talent to build your team of defenders, DarkTower is dedicated to helping you achieve your cybersecurity goals.

LET'S TALK

LET'S TALK

CALL US:

CALL US:

VSKORIC[@] GETDARKTOWER.COM

VSKORIC[@] GETDARKTOWER.COM