Health Care / FMCG

Cyber Security Strategy & Transformation, Operate Models & Processes

Problem Statement – one of the largest Global Healthcare / FMCG client organisations had a major Cyber Security Breach resulting in many hundreds-millions Financial Losses as well as damage to its global reputation. So, the ask was to develop a Cyber Security Strategy, and Selection & Implementation of Systems/Tooling to mitigate the future security Risks, meet strict compliance regulations & standards, as well as provide assurance to the Compliance Regulator that such security breaches cannot happen again.

This global Healthcare/FMCG Organisation engaged us to develop & implement its ‘Cyber Security Strategy’, and Planning & Execution. We conducted a full review of the Client’s business requirements, security operate model & processes, people skills & capabilities, application integration, infrastructure, and networks.

We identified opportunities for improvement, designed a programme of work to underpin the rollout & delivery, organisational structure, people skills & capabilities. We carefully conducted a comprehensive “Strategy Review & Audit” and made recommendations for improvements. Our Specific responsibilities & activities, included (this is just a short summary):

• Definition & execution of Cyber Security’ ‘Vision Strategy & Roadmap’, aligning technology with the client business needs.
• Conducted full review of Cyber Risk Exposure & Security & ICT Strategy, Processes, Systems/Tools and Systems Integration, and a full review of high-risk critical clinical applications, ERP, HR, Finance, and CRM systems.
• Effectively performed a 360-degree strategic reviews, presenting recommendations at up to CxO level, and setup the agreed programme for successes e.g. People, Processes, Systems/Tools.
• Lead the development of Commercial Proposal RFP/RFI, including identification/scoping of business/Technical requirements.
• Identified Ten (10) potential vendors and lead the Vendor/SI commercial appraisal, selection, and managed RFP/RFI processes.
• Coordinated/managed commercial RFP responses & pricing negotiations with (Ten) global Tier1 Vendors e.g. IBM, Microsoft, Oracle, Dell/One Identity, Infosys, CA, and others.
• Formally completed ‘due-diligence’ and presented 3-strategic shortlisted vendors/SI partners to the procurement team and the Governance Board for a final approval.
• Developed & presented a formal Business Case and Recommendations to the C-Level Executives/Board and gained Approvals.
• Recruited/developed a programme delivery teams for the execution / delivery / implementation of the Approved Roadmap & programme of work.
• Tracked multi-vendor delivery progress and reported at C-Level Exec Board and Executive Stakeholders.

Successfully developed ‘Cyber Security Strategy’ encompassing, Operating Model Design, Process Design, Technology & Vendor Selection, Solution Architecture & Design, and underpinning Security Policies & Standards designed to mitigate the future Risks as well as meet the Regulatory Compliance Audit requirements.