Case Study Cyber Security: Australia

2017-2019
Led a team of >50 cyber security professionals, 3 suppliers, across 11 projects
Lifted the Security Maturity from 1.99/5 to 3.7/5

Target: 2.75/5

Technical Security projects included
  • Antivirus deployed across the fleet
  • Patching for all endpoints across the network to secure against known vulnerabilities
  • Network Architecture and Segmentation
  • Secure Software Development protocol and processes
  • POS Security and System Hardening to lock down SRG’s endpoints and decrease the attack surface
Designed, contracted and embedded Security Detection and Response capabilities
  • 24/7 SOC partnership with an offshore vendor to detect, monitor and respond to cyber events
  • Operational Security processes and capabilities including Incident Response
  • Network and Cloud Visibility security tools and processes
  • User Entity Behaviour Analytics (UEBA) to baseline user behaviour and respond to anomalies
Endpoint Management
Upgrade to Landesk 2017 to control and manage SRG’s fleet of assets
Managed the procurement and integration of cyber tools, including
  • SIEM
  • Gigamon
  • Vulnerability Scanner
  • Data Loss Prevention
  • Identity and Access Management
  • SAP Monitoring Tool
  • UEBA
Standard Operating Environment (SOE) image for 40% of the laptop fleet to enable faster, simpler and safer provisioning and management
Role Based Access Controls (RBAC) to better define and give all staff the access they need to do their roles, and to remove >2000 toxic combinations and violations of DOAs
Identity and Access Management (IdAM) solution and new capabilities to enable a single source for identities and implement faster, simpler and more secure onboarding, offboarding and personnel transition (JML).