HOME CLIENTS CASE STUDIES

CASE STUDIES

Case Study

Risk Management of Strategic Partners

Case Study Read more »

Case Study

Adoption and certification by ISO 27001 Standard

Case Study Read more »

Case Study

Persistent Pentesting Security Services

Case Study Read more »

Risk Management of Strategic Partners

Type of Client: Pharmaceutical / Biotechnology with more than 15,000 employees and global presence

  Challenge:

The Client has a set of strategic partners that provide technological solutions, mainly in CaaS (Cloud as a Service) model, and the client did not have the structure nor the in-depth knowledge to regularly perform the assessment of the cybersecurity posture of its partners and the potential risks that may arise from this.

  Impact:

The client now has an in-depth knowledge of the risks that result from each of its third parties and solutions, and through the follow-up and management of these deliverables has as a result, a considerable risk reduction to the organisation.

Through this service, the client was also able to respond in a structured way in order to comply with requirements regarding third parties risk management.

  Solution:

INTEGRITY presented a service designed together with the client which regularly performs the evaluation of each of the third parties designated by the client in order to carry out the identification, characterization and also provide recommendations on the identified risks.

The evaluation process holds several degrees of depth that are defined in accordance with the criticality of each of the third parties and the solution itself.

Within the scope of the service, and in order to provide a service as effective and efficient as possible, INTEGRITY combines the INTEGRITYGRC solution that accelerates the process of structuring, defining and identifying risks, as well as, the use of the Assessments module and risk management, providing the client with a more practical deliverable based on which it is possible to take action and monitor the evolution of the Implementation Roadmap.

  Related Services:

  • 3rd Party Risk Management (more information available soon)
  • integritygrc
    IntegrityGRC

Adoption and certification by ISO 27001 Standard

Type of client: National Government Entity

  Challenge:

Within the scope of functions development, the client had a regulatory requirement for the adoption and implementation of an information security management system (SGSI ISO 27001), with its certification by an accredited entity.

The Client did not have sufficient knowledge or resources to carry out the implementation.

  Impact:

The Client was able to increase its maturity and information security management practice very sharply through the adoption of ISO 27001, and was able to meet its ISO 27001 certification objective in the established time, through INTEGRITY’s implementation service.

  Solution:

INTEGRITY provided a service composed by a project, with the intervention of its consulting team that carried out the process of implementation and support in the certification obtained by the client.

During this project, which lasted 9 months, INTEGRITY applied its 5-step roadmap proven in numerous projects, through which supports the client in all activities, namely in the structuring of processes and documentation, in the implementation of these processes, definition and action of risk management analysis, operation, among other critical activities.

All activities carried out were supported by INTEGRITYGRC platform, which has a proven effectiveness of more than 40% at the time of its implementation, taking into account the functionalities provided by the platform that fully support all key activities in the implementation of a given standard or regulation, from the documentary components to ensuring its connection with the operational component.

  Related Services:

Persistent Pentesting Security Services

Type of client: Financial Entity with more than 35,000 employees and with global presence

  Challenge:

The Client has a very considerable set of business applications, with very sensitive data and financial transaction support, and with a high dynamic of updates.

The Client felt that the traditional test model could not keep up with the dynamics of their business requirements, as well as felling a lack of agility in the reporting process and management of the results of their Pentesting actions.

  Impact:

The customer was able through KEEP-IT-SECURE-24 to obtain a service with a very efficient cost compared to the service they previously had, with effective fulfilment of their objectives.

The service eventually helped the customer mitigate more than 60% of vulnerabilities compared to what they had before, and with a resolution time in some cases reduced to less than half of what had ben previously recorded.

  Solution:

This customer's requirements were immediately matched by KEEP-IT-SECURE-24 Persistent Testing service that INTEGRITY launched in 2013.

Through this service the client has Persistent Pentesting performed, integrated in its change management cycle and with manual in-depth tests performed by INTEGRITY’S certified team.

As a deliverable of this service, the client has access to the service platform where he can manage the lifecycle of vulnerabilities, ensure the interaction between the resolution teams and the INTEGRITY testing team, dynamic generation of reports and support during the effective resolution of vulnerabilities.

  Related Services:

CONTACTS

Portugal

Av. João Crisóstomo, n.º 30, 5º
1050-127, Lisboa | Portugal
T: +351 21 33 03 740
E: info@integrity.pt

United Kingdom

Suite 4B
43 Berkeley Square
Mayfair, Westminster
London, W1J 5FJ | United Kingdom
T: +44 20 3318 0800

España

Calle Edgar Neville, 6
28020, Madrid | España

 




x