
Cybersecurity Organization Restructuring Services (CORS) for a retail banking organization in Brisbane, Australia
- Executed Security Strategy Alignment by assessing the Bank’s current security posture, identifying gaps, and restructuring the cybersecurity organization to ensure that it is appropriately aligned with the organization's strategic priorities.
- Conducted Maturity Assessment and Improvement by evaluating the Bank’s current cybersecurity maturity level and identifying areas for improvement. This assessment covered processes, technologies, and personnel capabilities to enhance the overall security posture.
- Conducted Organizational Design and Governance to optimize the structure, roles, and responsibilities of the Bank’s cybersecurity organization. The activities included designing its cybersecurity governance model, establishing clear reporting lines, and defining accountability frameworks to ensure efficient and streamlined operations.
- Deployed Incident Response Optimization processes by restructuring the incident response team, defining escalation processes, enhancing communication channels, and aligning incident response & validation with broader business continuity and disaster recovery plans.
- Led Talent Management and Skill Development by assisting the Bank in attracting, developing, and retaining cybersecurity talent. This involved assessing the Bank’s current skill gaps, designing training programs, and implementing strategies to build a robust cybersecurity workforce.
- Led Regulatory Compliance by embedding security controls as required by the Australian Prudential Regulation Authority (APRA) Prudential Standard CPS 234 Information Security requirements. This involved restructuring the Bank’s cybersecurity organization to establish transparent compliance roles and responsibilities, implementing necessary controls, and aligning processes with relevant compliance frameworks.
- Led Third-Party Risk Management by evaluating the Bank’s existing vendor management processes, identifying vulnerabilities and transborder data governance, and restructuring the organization to implement direct oversight and monitoring of third-party relationships.

Results: Reduced Security Incidents by 21%; Improved Incident Response Times; Independent Attestation of adherence to APRA’s CPS 234, CPG 234, and CPG 235 guides; Enhanced Third-Party Risk Management by reducing the number of vendors by 10%; and Reduced Cybersecurity operations cost by 18%.
