The Security Foundry focuses on next generation security solutions for organizations. The Security Foundry is a program based on
The Security Foundry solves the business challenge of in today’s ever-changing world, organizations are looking for a flexible approach to delivering solutions to the ever-growing security challenges. However, most organizations are not working in a collaborative manner and thus:
Security project backlog grows.
Investments are not being fully utilized.
Business outcomes are not aligned with security posture.
Day 2 support is not aligned and thus causes delay and rework.
We introduce a program approach that looks at the holistic view of the challenge rather than point solutions. Point solutions may appear to solve the current challenge however it compounds the core problem. We approach the challenge by accessing the overall company from a process, invested toolset, and business outcomes.
We create small teams of experts to work side-by-side with our customers to co-create solutions to real problems. The teams is assembled based on the use case we are trying to solve. The teams are always a combination of Enclave and the client and may also include strategic third partners of the client or Enclave.
Each foundry project produces client specific outcomes however we can abstract away the following common themes for the work done in the foundry:
Business outcomes are aligned within the organization.
Lower operating cost
Higher success in day 2 management operations.
Higher utilization of invested toolsets.
A global fortune 500 company was seeing a backlog of security work and could not keep up the desired business timelines. The company was trying to solve the problem by hiring additional staff and investing in tools.
Enclave established a security foundry under the direction of the Chief Security Officer. We performed an initial assessment and found the following were occurring:
The established security posture was not being adhered to at the time of application creation.
Security data did not adhere to a data management model and thus the data was not shared in a secure manner with other groups.
Two groups within the company were running POCs with a single vendor, both trying to achieve the same goal. This caused a resource strain as well as defocus of the group.
Enclave applied its methodology and process to address each of the items with positive outcomes:
Enclave reviewed the SOP and security posture documentation and established a small working team. The team changed the SOP to be aligned with the overall business outcome and not a specific group’s view. In addition, we developed a review and certification process at the beginning of the application lifecycle which included the security posture. We also created a linkage between the security documentation and the operational system that applications were created in.
Enclave created a cross functional team within the company and Enclave and established a data management model that was put into the company’s SEIM. This resulted in lower cost for tools and storage as well as created an optimized operations environment
Enclave worked with the business owners and document the desired business outcomes. Enclave built a cross functional team that included the vendor to work together to address the real-world client problem. The positive outcome was the company achieving their business outcomes in a timely manner and lower cost. The vendor was able to prove their technology in a real-world environment and further their relationship with the company. The company was also able to see establish a better partnership with the vendor.