Project Example Cyber Security
Cyber security program in a major bank

The Objective

Precise and rapid integration of the IT infrastructure and the IT application landscape across all business functions (including integration of external business partners). Coordination of Transitional Service Agreements (TSA) to ensure smooth business operations during the integration phase.

The Challenge

Early and intensive involvement of all stakeholders to justify additional work requirements in the business units to support the cyber security measures. Prioritization of measures along the House of Cyber Security and timely implementation at several company locations.

In the course of the project the following work packages were addressed

  • Detection and Processing of Incidents
  • Security Operations Center
  • Cyber Crisis Management
  • Incident Management

Communication and Awareness

  • Security Passports
  • Security Awareness Campaign
  • Fake phishing campaigns
  • Security trainings (e.g. web-based)

The Approach

Reinforcement of productions

  • Backup/ Recovery Plans
  • Resynchronization Plans
  • Hardening (including instructions)
  • Antivirus Implementation

Security of outsourced Services

  • Partner Security Awareness Campaigns
  • Cloud Framework
  • Security Annex Implementation

Control of “vital” Systems

  • System/ application classification
  • IAM requirements
  • Patch Management
  • System Certification

Protection of sensitive Data

  • Secure Messaging
  • Implementation of Encryption Tools
  • File Sharing
  • Management of sensitive Data

Targeted steering of the Project Management Office (PMO)

Fixed governance and reporting structures were defined for effective project management. Sub-projects contained specific and largely separate areas of responsibility, in which responsibilities were clearly defined. Project members had regular and transparent communication in their subprojects - also between the subprojects involved.

Clear objectives and outline of the project scope

The overall objective of the project was defined at the beginning with all stakeholders involved. “Scope creep” and schedule delays were efficiently prevented through implemented demand management.

IT and Cyber Security Know-how

Our colleagues have many years of experience in the implementation of projects in the IT industry and have therefore planned project activities with foresight. Our team of specialists was able to pass on targeted knowledge to the partner organisztion during the project

Effective and far-reaching Stakeholder Management

Regular coordination with the directly involved project stakeholders Involve indirectly involved stakeholders to best align the project with the corporate overall strategy

© 2022 grosse-hornke