Restructured Large-Scale Security Program for Fortune 500 Financial Institution
Industry
Financial Services
Services
Strategy & Planning, Technology Modernization
As cyber threats grow more complex, even the most sophisticated institutions can find their security programs outpacing original plans.
Opportunity
A Fortune 500 financial institution identified a need to reduce potential cybersecurity and data risks. However, when the breadth and scope of the security program built to address critical cyber, data, and technology vulnerabilities outgrew the original project plan, the organization sought the assistance of a strategic partner experienced in digital program structuring and delivery.
Two Roads was tasked to restructure a $100M+ program to improve visibility for leadership and efficiency across all involved teams.
Outcome
Reduced Vulnerabilities
Prioritized key initiatives reduced vulnerabilities by over 80%.
Scalability
Scaled the program while minimizing cost overruns and enhancing leadership visibility.
Established Governance Model
The program was institutionalized with robust processes and a sustainable governance model.
Improved Experience
Improved the LOB experience by clearly articulating requirements, increasing productivity, and reducing the noise within such a large-scale program.
Approach
Before developing the program, Two Roads conducted “empathy sessions” to gain a better understanding of line of business (LOB) pain points. Two Roads then established program governance to level set on goals, expectations, reporting, and KPIs. In addition, we established a dedicated team focused on program improvements in preparation for the program scope’s growth over time. Our team further streamlined the program by separating out Run-the-Business (RTB) that comprised up to 25% of the total work.
By addressing the vulnerabilities, avoiding cost overruns, and providing visibility to leadership, Two Roads was able to deliver greater value to the financial institution and institutionalize the cybersecurity and data risk management program. The resulting program ensured the highest priority work was executed to minimize risks and improve LOB experience through clearly articulated requirements and increased productivity.
Authors
