Challenge: As one of the largest electric utilities in the U.S. serving 12 million customers and 835 communities, the client needed to secure a wide range of IT systems, including a nuclear power generation station and California’s electric power grid, with limited internal security resources.
Solution: Digital Security Consulting, Inc. (DSC) utilized a combination of people, process and technology solutions to manage and analyze important, actionable security information and distribute that information to the right people at the right time. DSC implemented a computer emergency response team (CERT) across IT and other business units to collectively identify, analyze, and mitigate cyber security threats and vulnerabilities. Additionally, our team implemented a third party Intelligence Service product to communicate security threats that are applicable to the client’s computing environment and assisted in prioritizing threats for the CERT based upon threat credibility, severity and risk.
Result: Our client is able to get ahead of the handful of applicable security threats that pose real risk to their computing environment and keep other resources focused on other tasks that help keep power flowing to its millions of customers. The client use to have at least 2 major security incidents per year for the last 3 years costing the company an average of $670,000 per incident. This figure does not include cost estimates for lost productivity. With the implementation of the DSC solution, there has not been a major incident in the last 18 months and counting.
Challenge: A large Fortune 500 company with over 1,500 servers, 12,000 desktops/laptops and over 20,000 network devices had no way of obtaining and managing useful security event information. The client’s security devices on-average generated over 20.5 million security events/alerts per day. As a result, the client’s information security team could not accurately identify or respond to cyber attacks. The incident and forensic investigation response times were usually measured in weeks, if executed at all.
Solution: Digital Security Consulting (DSC) analyzed the client’s security architecture and infrastructure.
Our consultants were able to identify and implement solutions and security technologies that:
1. Centralize the management and storage of security event data.
2. Provide the client with real-time visualizations of network and security activity.
3. Implement Intrusion Prevention Solutions (IPS) and other automated security controls.
Result: The client is now able to effectively do the following:
1. Identify cyber attacks and effectively manage security event information.
2. Reduce response times to cyber attacks from weeks to seconds.
3. Leverage new Intrusion Prevention Systems to replace traditional IDS
4. Effectively conduct forensic investigations.
The client is now able to easily manage security event data from a single platform for multiple security products and vendors. Additionally, the client’s Information Security team is able to view real-time visualizations of security events and immediately determine if a cyber attack is underway.
The DSC team also implemented IPS and other automated security response solutions that reduced previous response times to cyber attacks from weeks to seconds. These solutions have not caused any disruption to normal business operations.
The end result is that the client has not had a security breach in the last two years and non-business network activity at the Internet gateway has dropped by 45%.
Challenge: A large Fortune 200 company with over $2 billion in assets and 35 mainframe, client-server, web, ERP, and vendor-managed applications that affect financial reporting pertaining to Sarbanes-Oxley Section 404 requirements.
Solution: The client turned to DSC consultants to manage, test, and analyze control deficiencies during the key phases of their Sarbanes-Oxley assessment. Our consultants used their expertise with the standard General Computer Control areas, as well as established CObIT control objectives, to identify key risks and potential remediation.
Their recommendations permeated the Audit Services Department to the affected business groups and executive management. With the help of DSC’s resources of experienced and seasoned audit consultants, the external auditor was able to rely on a significant amount of testing, sample selection, and Sarbanes-Oxley review results. As such, DSC’s efforts decreased the resource drain and high costs of a Big 4 audit firm. Our consultants were also able to help our client meet their aggressive six-week SOX project deadlines by supporting their internal audit division.
Result: A revitalized audit effort that has improved IT security and operational processes on all financial systems across multiple business units and IT divisions. DSC helped to define procedures and narratives that document key control activities for subsequent Sarbanes-Oxley reviews. Also, as a result of their recommendations, crucial IT-related processes have been streamlined to secure financial applications, improve operational efficiency, and solidify the reliability of the client’s financial reporting. Thanks to DSC, the client is able to identify, mitigate and provide documentation to meet the Sarbanes-Oxley requirements.