No results found matching your criteria
Why not check out our most popular searches?

CASE STUDIES

European bank: recovering a cybersecurity transformation initiative

Our team of banking and cybersecurity experts were engaged by a European bank to recover a key transformation initiative within the cybersecurity function. The scope of the project had deviated from the original intention and progress had stalled for a significant period. As such, the project was at risk of failing to meet a number of regulatory commitments. Our team were tasked with steering the project back on track, driving change at pace and providing cybersecurity and regulatory advice.

  • Outcome 1: Accelerated the delivery of key regulatory commitments ahead of upcoming deadlines
  • Outcome 2: Progressed delivery of key initiatives to reduce cybersecurity risk
  • Outcome 3: Improved the reporting function to increase the quality and clarity of reports, providing data-driven insights and decisions for our client

The Challenge

Our client, a European bank, were engaged to accelerate delivery of a key cybersecurity project which was essential to improving standards within the bank, as well as delivering against several regulatory commitments. The project had drifted from its original intention and required a team of experts to land and prioritise accordingly to ensure successful delivery of the highest risk items in a short space of time.

Our team partnered with our client to take control of the project and focus delivery on the highest priority items within their cybersecurity function, in order to meet the Q4 2023 deadline. We supported our client by bringing both our banking regulatory experts and cybersecurity SMEs at a time when delivery had stalled due to a lack of change capacity within the client team. Using our expertise to interpret regulatory obligations into data requirements to drive decision-making, we were able to grip the programme and deliver against key initiatives such as upgrading the Security Operations Centre (SOC) service, implementing Multi-factor Authentication (MFA) and integrating a new Privileged Access Management (PAM) tool.

The Approach

We created a fully traceable mapping against the regulatory commitments and translated this into requirements and deliverables to give us our immediate priorities for the scope of change. Given the limited time remaining, we then applied a risk-based approach to the remaining items within the project to ensure the focus was given to quick wins or items that would address the highest level of risk. In parallel, we worked closely with project teams to collate evidence and data to create a reporting function which led to a clearer understanding of progress and helped our client make some informed data-driven decision on where to prioritise attention.

The Impact

By successfully taking control of the project, we were able to bring structure and control to our client, successfully remediating a number of regulatory findings ahead of the deadline, as well as implementing some key initiatives within the cybersecurity department. Our team of experts prepared several reports outlining the status of the cybersecurity department to ensure our client understood the future priorities and commitments to address on its journey to complete the transformation in 2024.

You may also like

Get in touch

Not sure where to start?

We can solve your toughest challenges. Whether it’s supercharging your customer experience, building platforms to fast forward your movement to digital, transforming your internal operations to boost efficiency and cut costs, or anything in between. We have the tools and expertise.

Ready to get started? Fill in a few details and we’ll get in touch as soon as possible.

Emiko Caerlewy-Smith

Partner