CIA Can't Be MIA - A Client Case Study

The global computing infrastructure of a Fortune 500 financial services company was changing rapidly due to a significant corporate restructuring. The Technology Security Officer was tasked to lead development, infrastructure and security teams in ensuring the enterprise security, testing and controls protected the confidentiality, integrity and availability (CIA) of intellectual property spread throughout their global computing systems. As the infrastructure evolved so did the need for centric methods to reduce the risk levels based on additional attack vectors present. Application development consisted of over 3,000 applications with many having externally facing interfaces.

Zyston identified the need for enhanced security testing methods in the areas of Application Development (SDLC), Threat and Vulnerability Mgmt., Pen Testing and Compliance Mgmt. With Zyston’s continuous improvement efforts, the company was able to reduce the attack vectors and inherent risk by reducing associated findings within each area.

The results were a reduction of 20,000 related Coding issues, 30,000 patching issues, 100,000 Pen Testing and 80,000 compliance issues and protecting the confidentiality, integrity and availability (CIA) of the company’s data and assets.