The following account is an adaptation of an actual project, which TBI successfully completed for a client. It serves as an illustrative example of our methodology and expertise in management and technical problem solving. Due to strict confidentiality policies, certain specific details have been altered to protect the interests of our client.
Client
Our client, headquartered in New York, is a global professional services firm with 60,000 employees in over 100 countries, and with annual revenues exceeding $12 billion. The client provides:
- Risk and Insurance Services for major multinational corporations
- Risk Consulting and Technology
- Human Resources Consulting
- Investment Management Services
Project Background
Our client recently initiated a multi-year project to create an enterprise-wide shared services organization, migrating and consolidating more than 50 decentralized IT organizations into a common management group. A Wide Area Network Consolidation initiative was begun in 2010, and a unified worldwide MPLS based IP network is now nearing completion. Other consolidation initiatives exist around desktop, data center, voice communications and applications.
Client Issue
In late 2010 an internal audit of information security processes revealed a number of serious deficiencies in the policies, management and control of network based security systems, chiefly as a consequence of the historically decentralized structure of IT within the enterprise. With the completion of the unified IP based network platform, it was important that security management be controlled from a single point with common policies, monitoring and management of security devices. TBI was retained by the CIO, Infrastructure and Operations to develop a security management strategy for the enterprise. The CIO wanted an independent evaluation of the most appropriate solution to address the audit deficiencies. Specifically, TBI was tasked with comparing internal plans to build a Security Operations Center (SOC) vs. outsourcing security management and monitoring to a Managed Security Services Provider, and with recommending the most viable alternative.
Analysis
TBI prepared a baseline of current investments and development budgets, validated the proposed security solution and presented a consolidated financial, operational and technical view of the current and end-state security solution. TBI also surveyed the MSSP marketplace, talking with a wide range of vendors to develop a comprehensive and up-to-date view of the rapidly evolving market for outsourced managed security services.
Solution
The analysis indicated that from a cost perspective, over a five year life-cycle, there was little difference between building the security operations in-house, vs. outsourcing to a Managed Security Services Provider (MSSP). However, in terms of ensuring access to qualified staff, avoiding initial capital costs and high ongoing fixed costs, access to new technology and most importantly, time to implement, the outsourced solution was significantly more advantageous. TBI recommended that the client utilize the baseline data to prepare an RFP and undertake a competitive procurement for managed security monitoring and management, incident response and remediation.
Results
The client accepted all recommendations, and extended TBIs’ engagement to cover RFP preparation and oversight of a competitive procurement process. The client subsequently awarded a $10 million, three year services contract for monitoring and management of premises based firewalls, security appliances and IDS/IPS across its global infrastructure. All issues raised by the internal audit were addressed and the client is now in full compliance with all internal and external requirements, laws, regulations and policies with respect to network security.
Plan – Operate – Respond
