Advisory Retail Client Story

Execution of a Security Assessment Impacting 50 Physical Retail Stores and 12 Business Lines

A major telecommunications and media company engaged Security Compass’s expertise to help execute an extensive security assessment across 20 customer applications, 50 physical retail stores and 12 business lines - all to be completed within 5 weeks. No problem.

North America
Retail, Technology

Practice Areas
  • Application Security Baseline and Framework Development
  • Physical Security
  • Phishing Simulation
  • Network Security Assessment
  • Configuration Review
  • Web Application Security Assessment


Our Client’s Challenge:

  • A need to raise the profile of cyber security to the management board and to demonstrate the strategic value of building a security program across the organization.
  • An urgent requirement to scale the assessments quickly and complete 240 person-days of work within 5 weeks. The Client sought a partner who could help execute a suite of assessments involving over 20 customer web applications across 12 business lines, 50 physical retail stores that served over 5,000 customers per day, with minimal impact during holiday season.
  • The Client was uncertain how internal teams would perceive the security testing as the Client had never performed such a large scale assessment. They were looking for an experienced team who could help accomplish this feat with limited time.

Our Approach:

  • Security Compass developed a close partnership with our Client’s business lines and technical security teams to ensure that the security assessments would meet the needs of all stakeholders.
  • We helped our Client communicate the goal of the security program and assessment objectives to numerous business stakeholders across the organization. This helped build a case to help the business understand the risks and our Client’s security goals, while being sensitive to the perception and communication strategy required to gain buy-in.
  • Specific assessments performed included:
    • Social engineering
    • Web application assessments
    • Device reviews
    • Infrastructure and network assessments

The Result:

  • Security Compass helped our Client complete all the 240 person-days of work within 5 working weeks. We helped our Client meet tight timelines and ensured that strategic recommendations could be reported up to their management board in time for the Client’s next board meeting.
  • We helped our Client build a business case for stronger IT security within the enterprise and opened the eyes of business stakeholders to security risks.
  • We were able to communicate the value of penetration testing and security assessments for our Client which could be leveraged to set a baseline for future strategic improvements and management reporting.
By illustrating the value of penetration testing and security assessments within our Client’s organization, we helped them set a baseline for future strategic improvements and brought security awareness to their enterprise.

Back to Client Stories

Contact Us

You’re different, and we know it.

We are your guide to planning, assessing, and helping you build secure information systems to keep your business productive.

Contact us to find out how we can help you.

 
Mostly
Some of
 
(Choose One)
(All that apply)
Web Search
Online Ad
White Paper
Analyst Report
Trade Show
Worked With Us Elsewhere
Referral
Other