AdvisoryTechnologyClient Story

Aligning the Security Standards of an Acquired Company to their Parent Company

An online media streaming company was recently acquired by a large technology conglomerate and sought Security Compass’s help to develop a comprehensive security program so they could be more aligned to the security standards of their new parent company.
Read our other Technology Client Stories.

Technology, Entertainment

Practice Areas
  • Security Program Management and Execution
  • Software Development Life Cycle (SDLC) Gap Analysis and Best Practices
  • Application Security Baseline and Framework Development
  • Architecture Review and Threat Modelling
  • Secure Development Standards

Our Client’s Challenge:

  • Having been recently acquired by a large, Parent organization that had mature security standards, our client needed to bring up the security standards of their software development life cycle (SDLC) as quickly as possible.
  • The parent company had vastly different security cultures in place at the time of acquisition. Our Client did not have an existing security team, plan, policies or procedures in place, making it difficult to know where to even start.
  • Timelines to align security standards and processes to the Parent organization were aggressive. All assessments had to be performed without downtime to the website since this was our Client’s primary asset and monetized product.

Our Approach:

  • Security Compass had a strong relationship with our Client’s parent company through prior engagements. This provided familiarity with the expected security standards that our Client had to meet. We were able to work closely with teams from both sides, acting as a partner and a catalyst to promote communication and alignment.
  • As a result, we were able to design, develop and begin the implementation of a comprehensive company-wide security program, including:
    • Development of a secure SDLC program
    • Architecture review and threat modelling
    • Development of a network security program
    • Recruitment of staff to build up internal security team
    • Third-party vendor assessments
    • Security incident and response processes

The Result:

  • We were a trusted advisor and partner for both our Client and the Parent companies, successfully bridging project and communication gaps between two security cultures.
  • Advising on all aspects of our Client’s holistic security program, Security Compass helped create a new secure SDLC program and drive risk management of applications, IT infrastructure, and third party vendors.
  • We also contributed to the development of security response processes for identifying, triaging, and resolving urgent security issues.
  • Security Compass was instrumental in helping develop a comprehensive security program for our Client, bringing them in alignment with the higher security standards and expectations of its Parent company.

Our Advisory services team has more than a decade of experience focused on Application Security. We take a flexible approach to your strategic security problems.

Whether you are a global enterprise looking for advice on security strategy and governance, a major financial seeking support on regulatory compliance and penetration testing activities, or a startup looking for high quality assessments to give customers assurance for your business, we're here for you.

Our credentialed professionals are experts in how to break applications and fix code, who take pride in helping you succeed in your Secure SDLC and Secure DevOps programs. Contact us today to learn how we can help solve your organization’s application security challenges.