Management Consulting Firm
We laid a secure foundation for sound advice.
With millions in annual cloud spend, this consulting firm lacked central IT, security tools and baselines employed across their environments.
They wanted an assessment of their cloud environments’ security to evaluate against NIST and CIS security frameworks and identify areas of vulnerability.
We evaluated their overall cloud environments to identify gaps in security posture and provide recommendations for remediation and improvements.
About the Business
This American management consulting firm provides strategic management advice to corporations, governments and other large organizations around the world. It employs thousands of people in hundreds of offices globally.
The Business Problem
With millions in annual AWS and Azure spend, the firm lacked a central IT function and resold its various cloud environments to internal groups. With no universal security tools or baselines employed across the environments, it needed an assessment of its cloud environments’ security to evaluate against NIST and CIS security frameworks and identify areas of vulnerability.
Through discovery workshops, surveys, interviews with staff, and automated and manual assessments, 2nd Watch evaluated the company’s overall cloud environments to identify gaps in its security posture and provide recommendations for remediation and improvements.
2nd Watch reviewed firewall configs, VPC peering, and data flow along with the underlying infrastructure across 150 AWS accounts and roughly 5,000 VMs. As a result of the analysis, 2nd Watch provided a detailed gap analysis report to address security posture of the company’s AWS accounts and services against NIST and CIS benchmark frameworks and AWS security best practices along with recommendations for improvement and remediation. 2nd watch also provided cloud security architecture guidance and support to accelerate implementation of new architectures and assisted the company with its gap remediation.
The Business Benefits
The management consulting firm now has clear recommendations and guidance for remediation of its security gaps as well as remediation support from the 2nd Watch security experts to ensure alignment with NIST and CIS security frameworks.