Customer is a large semiconductor company with offices globally in many countries. Customer has dynamic IT environment with employees, partners, vendors connecting to corporate network globally.
- Lack of automated mechanisms to test the compliance controls
- Laborious manual processes to audit the controls against numerous global and regional compliances like ISO 27001 – 2013 , NIST CSF , CFIUS
- Very skeletal IT Security staff to keep up with continuous Compliance management
- Seconize DeRisk center is a comprehensive IT risk and compliance gap assessment product that leverages analytics, business context, and automation to proactively identify risks, ahead of a security breach.
- A pluggable and flexible architecture to customize compliance controls testing.
- Simple and intuitive workflows for auditing the people, process policies that are not automatable.
- Automated mapping of one compliance w.r.t to another compliance. For example ISO 27001-2013 to NIST CSF
IT / Business – Benefits & Key Outcomes
- Improved productivity as employees were spending less time with external auditors for interviews and filling questionnaires.
- Reduced “Cost-To-Comply” due to automated and self – assessments for different global compliances.
- Improved End Customer satisfaction due to increase in security maturity levels of the Organization.
Top Cyber Risks
- ISO 27001 – 2013
- NIST CSF
- Globally spread offices
- Multiple compliances – ISO 27001:2013, NIST CSF, CFIUS
- Automation of internal compliance audit
- Reduced time to audit