Depending on the size of the organization, a cybersecurity department can be composed of just a few experts or more than a hundred. They all have one thing in common: cybersecurity departments have reached a turning point where they can no longer be standalone. Facing this challenge, how can they continue to demonstrate the value of the services they provide?
One solution adopted by organizations with a mature security posture is to package cybersecurity services in cybersecurity/cyber defense platforms. These are designed to serve business interests.
- Has its own operating model and core services for businesses
- Increases the user (business) experience
- Influences the external ecosystem by dialoging with providers and key market/institutional stakeholders
- Transforms the cybersecurity delivery model to demonstrate more agility and an open mindset.
How does Capgemini Invent help?
We support the design of these new age cybersecurity platforms, mainly made of (but not limited to):
- Cybersecurity cockpit: endorsing operational strategy, portfolio management, controls, dashboarding, operating model improvement, and the implementation of security by design
- Management of (security) events: including the Security Operations Center and vulnerability management
- Identity & Access Management: determining the ID lifecycle, authentication choices, privileged accounts, etc.
- IT resilience: based on data/application/systems recovery plans and exercises
- Crypto services: such as encryption solutions, certificates, bastions (if not in IAM services)
The platform is supported by two forces that are not directly visible to the business:
- Cybersecurity architecture and maintenance: traditional security architectures were built on the idea that enterprise networks had to be a secure and isolated space, but this model is becoming obsolete as perimeters are dissolving. State-of-the-art companies are leaving perimeters behind and embracing, or already deploying, Zero Trust features.
- The Cybersecurity Center of Excellence: comprised of specific experts or project managers who respectively contribute to and are called on to support internal or external (to the platform) projects, including, experts working with cloud teams, DevOps initiatives, digital workplace transformations, etc.
Leading global bank
We built the bank’s central cyber-defense service offer, comprising 120+ collaborators across six locations, with one objective: transforming the approach into being more business-centric.
As part of this transformation, we helped design a fit-for-purpose roadmap based on the introduction of a clear dialog between business and IT, which enabled us to understand the roles and responsibilities of the different teams and adapt to their needs.
Interested in a DevSecOps maturity security assessment?
To find out more about our Digital Security Culture services, contact Jeanne Heuré