Construction of a Rapid Deployment Information Assurance Program
Executive Sponsor: Chris Bullock, CISO, Director of Information Assurance, Aaron's Inc.
Project Team: Jamie Matherly, Dean Mallis, Jim Moore, Meghan Flynn, Derek Weaver, Sarah Countryman, David Bird and Bhavin Patel.
Location: Kennesaw, GA
Aaron’s began with little to no Information Security Program. In 2012 Aaron’s hired its first Information Security Director/ CISO. With enormous support from the businesses executive team through budget and understanding the CISO was provided a blank canvas to develop a program which would need to be deployed in a rapid manner to meet compliance and regulatory security requirements. A base team of highly professional security engineers was hired and some transferred from within the organization simply due to their passion for the field and a major, effective and industry record rapid deployment security program was born at Aaron’s. Four primary pillars were stood up which consisted of Risk Validation, Incident Management, Governance Policy and Standards and Data Governance. Each pillar had assigned pillar leads who worked with the CISO to build some of the most highly effective control in the industry within their pillar realm in a rapid manner. Within a year and a half the team had put into place a program that would assist Aaron’s in becoming compliant with certain unique regulatory requirements it has as well as with PCI and ISO 27002 alignment. The details of how this was done are quite amazing to hear and would be a great presentation at the ISE function in 2015 as a featured project. In fact this can be considered many major sun projects lumped into one major project which is the rapid construction and deployment of a unique and entire security program.
Card Data Protection Program
Executive Sponsor: Scott Frost, CISO, Belk
Project Team: Hans Broder, Dwayne Edwards, Tisa Mullis and Carley Nevills.
Location: Charlotte, NC
As the nation’s largest family-owned retailer, Belk took on the challenge to transform its security posture by introducing an extensive Card Data Protection Program. In less than six months, Belk stood up a new security team and successfully deployed several information security solutions to protect its card processing system, network perimeter and significantly enhance the store’s controlled environment. Belk successfully implemented these critical changes without experiencing a single store outage, and in the process, was capable of achieving PCI and SOX compliance. Additionally, the program established a detailed security awareness strategy across all 300 store locations emphasizing security as one of the businesses top priorities.
Implementation of Identity and Access Management at Brown-Forman
Executive Sponsor: Darrell Keeling, Director, IT Security & Quality, Brown-Forman
Project Team: Darrell Keeling, Todd Werner, Robin Nicholson, Kelly Lewis, Gloria Nusz, Jeff Brown, Clay Colwell, Rick Hopkins, Kathy Phillips and Jim Robinson.
Location: Louisville, KY
Brown-Forman launched the Identity Management project in order to support the company’s rapid global expansion into new countries and the need to provision entitlements and identities to new users. The goals of the project were to deliver efficiencies in security administration due to centralized identities and entitlements; obtain complete visibility into all active users within all systems, achieve improvements to security processes and controls through automated and uniform process repetition; reduce costs associated with processing entitlement requests; and significantly reduce SLAs due to self-service entitlement provisioning.
BotRadar
Executive Sponsor: Pete Chronis, Chief Security Officer, EarthLink
Project Team: Bart Bailey, Malcolm Staudinger, David Holmes, Bill Lewis, Jason Geppert, Chris Douglas and Robbi Azizian.
Location: Atlanta, GA
BotRadar is a proprietary threat reputation platform designed to identify suspicious and malicious events from raw log data from firewalls, IPS, application logs, email and DDoS prevention systems. Log data is automatically analyzed for malicious behavior, anomalous activity or high risk application specific events. EarthLink uses this data across multiple corporate platforms to proactively block threats. Custom modules within BotRadar block spam, identify advanced persistent attacks or block fraudulent authentication or dictionary-style attacks aimed at the company’s web applications. This nomination focuses on a recent BotRadar enhancement designed to block malicious authentication attempts to our corporate and customer facing web applications.
Threat Age Prevalence Oversight Utility Tool (TAPOUT)
Executive Sponsor: Bob Quandt, Executive Director, Information Security, Healthways
Project Team: Joshua Tower, Russell Butturini, Alex Schjelde, Willie Hight and Paul Wolf.
Location: Franklin, TN
The TAPOUT project provides an interface for server owners to view vulnerability scan results for their systems. This gives them a view into their overall security health while providing a set of responses they can use to ensure action is being taken and to provide one hundred percent accountability and tracking of all server vulnerabilities in the enterprise.
Jabil Security-as-a-Service Initiative
Executive Sponsor: John Graham, CISO, Jabil
Project Team: Erik Collasius, John Graham, Mike Theriault, Walther Ardon, Greg Fisher, Troy Riley and Gabriella Nelms.
Location: St. Petersburg, FL
Jabil’s global customer base is highly competitive regarding intellectual property, cutting edge innovation, and the secrecy surrounding new product launches. Losing this data would result in millions of dollars in contract fines, as well as, major loss of existing and future business. To minimize customer and Jabil risk, Jabil created and adopted a portfolio of security-as-a-service solutions in order to better protect and secure the company’s critical information. The security-as-a-service initiative spanned three areas: application access, data loss prevention and external threats. This project enables Jabil to close security gaps, have an accelerated rapid time to value, leverage its security technology and practices as a market differentiator and create a competitive business advantage in the marketplace.
Operationalize a 24/7 Security Operations Center (“SOC”)
Executive Sponsor: Michael Mangold, Director, Information Security, Tractor Supply Company
Project Team: Michael Mangold, Don Marsee, Jason Beaty, Keith Drone, Jason Pointer, Raymond Beaudoin and Gabriel Kraft.
Location: Brentwood, TN
Tractor Supply built and operationalized a formalized 24/7 Security Operations Center. This included pulling log sources from over 8000 devices, correlating events, establishing run books, creating automated remediation steps, establishing a team and a visual presentation of metrics for our executive team.
Project Xenos
Executive Sponsor: Joe Bennett, CISO, Director of Enterprise IT & Information Security, YP
Project Team: Joe Bennett, Roosevelt Reynolds, Steve Singer, Phil Santos, James Zimmerman and Darrel Butler.
Location: Tucker, GA
IT and Security budgets and headcounts are constantly under attack. With Security resources running lean, implementation and maintenance of programs is a constant battle of resources and finances. Project Xenos was created to address the issue of how to implement and maintain programs (Data Loss Prevention, Managed Security Services, and the like) to address risks posed to the company in a sufficient manner.