
Cybersecurity ISO Implementation Case Study

Challenge

Enhance the client’s information security posture, with special consideration for their unique and complex security requirements.

Solution

ISO 27001 deployment along with the TruOps GRC platform.

Result

Security measures that meet ISO 27001 standards, the ability to affirmatively respond to the state of their security program, and an expedited and efficient compliance process.

Summary

SDG had the opportunity to collaborate with a multinational, publicly traded organization specializing in photonics solutions.

In Depth

Challenge

Recognizing the rising number of cyber threats and regulatory changes, the client sought to enhance their information security posture. The client’s unique position as a provider of high-performance commercial lasers and 3D sensing technologies, which are used in a wide range of manufacturing, defense, and consumer applications, added a layer of complexity to their security requirements.

Specific challenges to overcome:

- ISO 9001/TL 9000 certified but lacking any security certifications required for customer assessments (e.g., ISO 27001:2013).
- DoD projects required compliance with NIST 800-171 and CMMC 2.0 Level 2 requirements.
- Existing security measures lacked depth and structured processes, resulting in inconsistent risk management.
- Executive management understood production and manufacturing risk, but not ISO 27001 requirements.
- An array of applications, systems, and owners across global operations.

Solution

SDG designed a comprehensive solution to these challenges, including ISO 27001 standard deployment. The client also purchased TruOps, an SDG-integrated GRC platform.

1. Gap assessment of current environment for ISO 27001:2013, NIST 800-171, CMMC 2.0 Level 2 & NIST CSF controls
2. Development of remediation plans for identified gaps
3. Prioritization and remediation of identified gaps
4. Internal audit for ISO 27001:2013
5. Readiness and participation in external audit of ISO 27001:2013 certification
6. Facilitation of external audit and ISO 27001:2013 certification for global headquarters

Results

Following the deployment of ISO 27001 and integration of the TruOps GRC platform, the client’s headquarters now meets ISO 27001 standards, with a global rollout underway.

In addition:

1. For the first time, the client can affirmatively respond to the state of their security program.
2. Experienced a reduction in time spent on customer-vendor questionnaires and meeting RFP requirements.
3. Significantly enhanced employee buy-in and understanding of security issues and their individual responsibilities within the organization.
4. Benefited from an expedited and efficient compliance process.

Conclusion

The project was a remarkable success, meeting and surpassing the client’s expectations. SDG not only implemented ISO 27001 at the client’s headquarters but also designed a risk-based approach for global implementation. This forward-looking approach ensures the long-term value and scalability of the solution, helping the client maintain rigorous information security standards across all its locations.


About SDG

SDG is a leading provider of technology, consulting, and managed services that enable organizations to confidently execute cybersecurity, identity, and risk management solutions to mitigate risk, protect assets, and grow securely. To learn how SDG can help your organization, visit SDGC.com or call us, +1 203.866.8886.