The Challenge
The ongoing rapid pace of change in the cyber realm requires a corresponding modernization strategy to ensure capabilities remain ahead of the curve. Additionally, related organizational IT programs are eliminating on-premises data centers, driving a shift in how key cyber tools are deployed, operated, and maintained.
The primary toolsets leveraged to provide cyber capabilities also have specific issues around cost, scalability, user experience and compliance that need to be addressed.
Project Description
A program to implement a hybrid, cloud-native SIEM platform that combines modern routing capabilities, log management technologies, and data technologies was a roadmap priority for scaling support for critical enterprise cybersecurity use cases.
Further Advisory partnered with cybersecurity leaders to mobilize the program and initiate key workstreams. The platform is intended to provide key capabilities for Global Cyber Security and enable critical activities performed by Cyber Fusion and Security Operations, such as Detection/Content Development, Investigations, Forensics and Threat Hunting.
Outcomes Delivered
- Rapid Program Assessment. Applied Further’s multi-dimension framework to produce a targeted diagnostic of the overall program with actionable recommended improvements
- Roadmap and Plan. Developed an overall program roadmap that incorporated key milestones and delivery objectives to guide resource planning and dependency management
- Delivery Use Cases. Identified key execution activities involved in delivering the new platform over multiple phases and defined persona-based use cases to structure the work
- Resiliency Architecture. Defined a strategy, architecture, and implementation plan for ensuring resiliency in the new platform and the ability to provide cross-region fault-tolerance and disaster recovery
- Program Delivery. Implemented Scaled Agile principles and applied new rigor to existing processes to speed up delivery of high-quality elements of the platform