Implementing Program Maturity in the Cyber Security Space
A confidential customer owns and manages critical infrastructure. They requested our help consulting, assessing, and implementing services to mature their overall Cybersecurity Program.
The focus of these projects was securing their IT and OT environments. Some of these projects are ongoing.
Our scope of work ranged from enterprise-wide security assessments to detailed roadmaps for mitigation and remediation. Our role included:
- Project Management for enterprise-wide assessment of cyber security controls in IT and OT environments
- Analyze conformance to industry standards and maturity level of IT/OT cyber security controls
- Develop a roadmap for mitigation & remediation
- Provide Cyber Security SME for Enterprise Cyber Security
- Manage delivery of presentations & workshops with executive leadership, management, CISO, and IT/OT SMEs
- Supported multiple improvement projects technical controls to ensure security of IT and OT environments
Seneca delivered transformational results, dramatically improving the company’s overall security posture. We helped mature the organization’s ability to secure critical infrastructure. Specifically, we implemented the following:
- Produced a comprehensive report detailing the customer’s control maturity, gaps, remediation recommendations, budgetary requirements & strategic roadmap
- Established network reconnaissance, OSINT, social engineering, and physical security reviews
- Performed internal & external pen testing of infrastructure and applications
- Assessed of a large body of IT & OT Security Policies & Standards for conformance to NIST Cyber Security Framework and supporting standards
- Ensured OT/IT environments were both consistently & effectively monitored
- Architected access controls (MFA and PAM) for OT, IT and PCI environments