Incident Response Transformation
Executive Sponsor: Almir Hadzialjevic, VP, Enterprise Risk and Security, Aaron's Inc.
Project Team: Jim Moore, Lead Security Engineer – Cyber Incident Response, Jared Portela, Project Manager – Information Security, Sarah Countryman, Development Operations Engineer, Marlon English, Manager – Platform Operations, Michael Cushman, Infrastructure Engineering – Senior Engineer, Will Moore, Manager – Development Operations, David Nolan, Director – Information Security, Dave Mullin, Director Security Operations (Mosaic451), and Michael Hiromoto, Senior Cyber Engineer (Mosaic451)
Location: Atlanta, GA
The Incident Response Transformation project was an initiative to improve Aaron’s capabilities to detect, respond to, and remediate information security events. The initiative focused on creating a new, higher-value MSSP relationship, improving the team’s detect and respond capabilities through new technologies and processes, improving visibility into Aaron’s environment, and achieving more complete and accurate coverage of Aaron’s threat landscape.
Bank of America’s Access Review “Access Analyzer”
Executive Sponsor: Steve Schwartz, SVP and Senior Executive, Bank of America
Project Team: Aaron Broadway, SVP, Product Manager, Eric Nanney, SVP, Development Manager, Dave Pritchard, Director, Development, Paul Harding, VP, Design/Development, Raveendar Veeramalla, VP, Development Lead, Balaji Srinivasan, VP, Development/UI Lead, Brian Kaplow, SVP, Product Management, and Rob Burden, SVP, IAM Development
Location: Charlotte, NC
In 2016, Bank of America completed a project to transform a complex identity and access management (IAM) system into one simple system that reduced overall risk for the company. A foundational component of the program was to implement a single enterprise-wide system where managers could efficiently make access review decisions. In 2017, the bank introduced enhanced functionality named “Access Analyzer,” providing a unique ability for managers to review and make decisions on access across their entire team in one view. The Access Analyzer offers a consolidated view of an entire team’s access with a visual representation of common access across the team, helping the reviewer make decisions more knowledgeably and quickly, thereby reducing the risk of inappropriate access.
Mobile Clinician Project
Executive Sponsor: Jeremy Meller, VP IS&T, Children’s Healthcare of Atlanta
Project Team: Heath Baker, Team Lead, Field Services (SR), Robert Covington, Manager, Cyber Security, Frank Grogan, Sr Cyber Security Analyst, Jamie Hobbs, Sr Applications Analyst, Desiree Jennings, Project Manager, Atul Kanvinde, Director IS Business Partnerships, Clinical, Mike Kendall, Team Lead, Field Services, Jeremy Meller, VP IS&T, Stoddard Manikin, CISO, Brandon Potvin, Applications Advisor, Josh Sears, Senior Applications Analyst, Justin Shelf, Applications Analyst, and Sarah Thomas, Manager Optimization & Support
Location: Atlanta, GA
To improve clinician-to-clinician communication, Children's Healthcare of Atlanta replaced the existing hospital communication solution to provide enhanced services, including bar code scanning, secure messaging and integration with Epic. The purpose of this project was to develop and implement the necessary clinical and infrastructure components to improve operational workflows in order to provide a seamless and secure means of communication and medication administration documentation. Objectives included providing secure messaging compliance, increasing mobile efficiency of nurses and clinicians, improving communications effectiveness between caregivers, integrating alerting, nurse-call, and bed-management, and reducing the number of devices needed for the care process.
PhishMe Triage Implementation Project
Executive Sponsor: Michael Johnson, Sr. Director, Cybersecurity, Community Health Systems
Project Team: Gil Ednacot, Manager, Security Operations Center, Joshua Morgan, Team Lead, Threat Management, Randall Rodden, Security Engineer, Threat Management, Leigh Prickett, Project Manager, Threat Management, Ian Burton, Security Engineer, Security Operations Center, Ndomupei “Memory” Nyandoro, Security Engineer, Security Operations Center, and Hayden Redd, Assoc. Security Engineer, Security Operations Center
Location: Franklin, TN
The PhishMe Triage Implementation Project gave employees the ability to quickly report phishing e-mails while preserving the required message headers. It improved the Security Operations Center’s ability to detect, prioritize and efficiently respond to phishing-based attacks. Automation grouped like e-mails into campaigns and tracked user reporting reputation. The project began with an inbox of over 100,000 e-mails that had been individually reported by users. Over the course of the project, a ruleset was built to process these e-mails into the appropriate category. At project close, 100% of reported e-mails had been classified. The project demonstrated its effectiveness through external penetration testing.
CISO Sentinel Security and Compliance Risk Management Platform
Executive Sponsor: Wes Knight, CISO, Georgia Department of Revenue
Project Team: Chris Austin, Information Security Analyst, Larry Faulkner, Information Security Analyst, Jan Gaines, Information Security Analyst, Tavaris Lundy, Information Security Analyst, Joe Bellott, Information Security Analyst, Wes Knight, Chief Information Security Officer, and Steve Hodges, Chief Disclosure Officer
Location: Atlanta, GA
The Georgia Department of Revenue Office of Information Security is responsible for securing a threat and regulatory landscape that encompasses multiple Federal mandates and 3rd Party Information Service providers. This project implemented a security and compliance risk management platform, CISO Sentinel, to capture operating efficiencies in management of the program. Using continuous monitoring and management, the platform enables greater control of cybersecurity risks by effectively managing the processes associated with obtaining, identifying, processing and aggregating key information. Significant elements of the project focused upon prioritizing the review of critical security alerts, automating governance processes, eliminating redundant silos, and streamlining compliance and management reporting.
Enterprise Cloud Gateway
Executive Sponsor: Nalini Subu, Sr. Manager, Enterprise Data Protection, The Home Depot
Project Team: Surya Sivakumar, Architect IT Security and Rakesh Shah, Architect IT Security
Location: Atlanta, GA
The Home Depot’s Enterprise Cloud Gateway focused on the implementation of a CASB solution to give IT Security visibility into the various cloud services adopted across the enterprise. Prior to working with Netskope, The Home Depot IT Security team had zero visibility into the data, activities (uploads, downloads), endpoints or devices being used to access CSPs. With the implementation of this solution, IT Security now has insight into the data and user activities in the cloud, in addition to metrics from the various endpoints. The Data Loss Prevention suite was rolled out as a major part of this project, covering services like Box and O365 (OneDrive).
Security Vision 20/20
Executive Sponsor: Bob Varnadoe, Chief Information Security Officer, NCR
Project Team: Randy Conner, Director, Threat Detection and Response, Kumaran Rajasekaran, Manager, Security Operations, Alex O’Brien, SIEM Engineer, Shivangi Rai, SIEM Engineer, and Saurabh Aggarwal, SIEM Engineer
Location: Atlanta, GA
Security monitoring can be one of the trickiest and most resource-intensive tools to deploy well. With a quickly maturing security program, NCR saw a gap in the visibility of its monitoring program. With thousands of servers, applications, network gear and SaaS solutions to monitor, NCR needed a good solution for gaining this visibility and an extensive way to onboard, track and alert on the thousands of logging points in its environment. Working with its third-party MSSP, NCR put in place a program to allow a robust set of tools to do just that.
Operation On Watch
Executive Sponsor: Kenneth Johnson, Director, Enterprise Risk and Security, Randstad USA
Project Team: Don Sloan, Chief Information Officer, Jay Ferguson, Chief Legal Officer, Alan Jarrett, Sr. Director Cloud Infrastructure, and Richard Brown, Information Security Risk Analyst
Location: Atlanta, GA
Operation On Watch set out to provide fundamental capabilities to protect the information assets of Randstad, its clients, and stakeholders, and to mitigate the risk and potential impact of data breaches. The project was anchored around deploying comprehensive Data Loss Prevention and threat management capabilities. Randstad is a professional staffing company; putting people to work requires handling sensitive personal information. Randstad is also committed to fulfilling contractual obligations to protect the privacy of its clients’ sensitive information. Maintaining its reputation as a trusted brand and reliable staffing partner depends on the company’s ability to keep confidential the sensitive information Randstad is empowered to protect.
NERC CIP Standards Version 5 Implementation Project
Executive Sponsor: Karen Mincey, VP IT & CIO, TECO Services, Inc.
Project Team: Terri Khalil, IT QA & Compliance Director, Paul McClay, Former Director, Information Security, Risk, & Compliance, Jason Sizemore, Manager, Cyber Security Operations Center, Pat Boody, Former IT Compliance Advisor and Project Lead, Dale Savage, Compliance Technical Lead, Scott Wetterling, Project Manager, Dali Uresti, Lead Compliance Analyst, Xiomara Acevedo-Barrios, Compliance Analyst, Vince Galentine, Industrial Control Systems Sr. Security Architect, David Grotenberg, Sr. Cyber Security Specialist, Brad Morrow, Former Cyber Security Analyst, Chris Oneal, NERC Cyber Security Controls Analyst, Elvin Ramirez, Sr. Cyber Security Specialist, Eric Templeton, Configuration Management Analyst, Cay Robertson, Manager, Service Desk & Access Administration, Gregorian Ward, NERC Patching Administrator, Vince Labrato, Substation CIP Compliance Analyst, Gary Benson, Substation Sr. Consulting Engineer, John Currier, Manager, Substation Engineering & Grid Modernization, Bill Davis, Ethics and Compliance Manager, Ernie Giudice, Manager, Distributed Systems, Susan Mueller, Director, Emergency Management, Manny O’Bryant, Administrator Strategy & Business Continuity, Jeff Ogden, Manager, Network Operations and Broadband, Bharat Patel, Sr. Network and Systems Analyst, Ron Petrus, Manager, Substation Operations, Randy Pisetsky, Supervisor, Substation Engineering, Yasodha Ratnasekera, Manager, Asset Management & Performance, Bryan Schenke, Sr. Network and Systems Analyst, Patrick Shell, Manager, Asset Management, Kevin Rimes, Physical Security Coordinator – Access Controls, Katy Schneider, Corporate Investigator, Kelly Sloan, Manager, Facility Services, Chris Steele, Manager, Engineering & Maintenance, and Peggy Steele, Manager, Human Resources
Location: Tampa, FL
Protecting the power that keeps the community running: that was the goal of the North American Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards Version 5 Implementation Project. While TECO Services are well-prepared to serve their 750,000+ customers with safe, reliable electricity, very real threats like cyberattacks raise the challenges exponentially. About 120 people in departments across TECO tackled 221 requirements to significantly enhance and add controls for the Bulk Electric System (BES) control centers, as well as bring substations into scope. With a massive project that few outside the company are aware of, TECO has built a stronger, safer community.