Our Chief Information Security Officer (CISO) helped in maintaining security, allowing for advanced global research with cybersecurity strategy enhancement.

Company Profile

This quasi-government organisation employs around 400 researchers and administrators, collaborating with EU, US, and other global government and educational establishments. It’s dedicated to comprehensive North Atlantic research activities, focusing on disease spread, wildlife stocks, environmental impacts, and sensitive human activities.

Company Mission

The CEO and Senior Leadership Team are committed to managing an organisation that delivers world-class analysis and information. With the increasing cyber threats and vulnerabilities, there’s a critical need to enhance the level of information security to protect the organisation’s reputation and maintain its leading position. The appointment of an experienced Information Security (IS) Leader was imperative to guide the organisation through complex cybersecurity decisions and maintain its integrity, ensuring no risk to its reputation or delivery capabilities.

CISO’s Objectives

The CISO is responsible for steering the enterprise’s vision and strategy to protect information assets and technology. The CISO leads efforts to mitigate IT risks, responds to incidents, establishes standards and controls, and directs the implementation of security policies and procedures. This role encompasses information-related compliance, including achieving ISO/IEC 27001 certification.

What The CISO Did

Provided Leadership And Elevated Security Readiness

The CISO leveraged digital leadership skills to empower and direct the IT team towards meeting business and IT security objectives. By adapting to the evolving IT landscape and introducing new security technologies, the CISO ensured the SLT’s confidence in the organisation’s security stance.

The CISO managed information sources and provided data analysis reports to senior management. This involved handling multiple concurrent projects. Creative problem-solving and forming business partnerships were key in driving the cybersecurity strategy enhancement forward. The CISO’s strong customer focus and excellent communication skills ensured that he informed and involved all stakeholders.

Day-To-Day Management

The CISO continually refreshed the cybersecurity strategy. They helped in updating IT security risk assessments and informing the SLT about ways to minimise threats. By monitoring security vulnerabilities and staying updated on cyber security technologies, the CISO ensured business continuity and implemented an effective process for reporting and investigating security incidents.

Developing future strategies for security incidents and championing the latest security strategies and technologies, the CISO ensured ongoing quarterly improvements in cybersecurity strategy enhancement. Thereby maintaining the organisation’s integrity and leading role in global research.

The Results

  • Delivered IS services into every part of the organisation, both onsite and at sea. 
  • Successfully kept CapEx and Maintenance budgets within the 5-year plan agreed upon by the SLT prior to the start of the CISO engagement, despite spiralling costs and an exponentially increasing threat environment. 
  • Successfully renewed security supplier contracts for another 5 years without increased cost but with increased threat monitoring capability, onsite and at sea. 
  • Kept Cyber Insurance renewal premiums to a minimum working closely with underwriters to ensure mutual understanding of perceived risks and threats. 
  • Maintained full Thycotic Mapping compliance across the whole organisation and threat landscape.