Case study

How did a national healthcare provider identify nine security initiatives aligned with business outcomes?
 

Business and IT challenges

 
Security
 

Implementing new security initiatives

Compliance

Increasing compliance and service level requirements 

 
 

Breach occured in 2015

Increasing business demands putting stress on limited IT resources
 
 

Creating a new CISO position

Business
Lack of insight into key business initiatives alignment with current IT projects

Datalink solution: Security Roadmap Workshop

  • Surveyed business units and security stakeholders
  • Aligned and prioritized security initiatives
  • Defined operational processes, technology capabilities, and security gaps
  • Provided an explanatory roadmap of current versus desired state
Client Experience

Results and impact

  • Identified 9 security initiatives aligned with business outcomes
  • Discussed the potential benefit of implementing an additional ServiceNow module
  • Identified key stakeholders in the organization to form the Security Governance Board
  • Helped define their governance framework around ISO 27002
  • Provided valuable insight based on survey results on the “voice of the business” to the board
  • Helped triage the most important controls to implement first
  • Developed an 18-month Datalink aligned roadmap with milestones
  • Freed up critical resources by having Datalink manage the entire survey process
  • Improved resource capacity to deliver more value to the business
  • Worked with client to set up next engagement for penetration testing and security capabilities assessment