ENGAGEMENT
DayBlink Consulting engaged with a large healthcare provider to conduct a rapid assessment of their data protection function, with a special focus on identifying a rationalized tech stack for identifying, classifying, and protecting data in the Cloud.
PROBLEM
The executive team of a large US healthcare organization was looking for ways to better use a multi-million dollar technology investment and requested for the cybersecurity team to provide a list of major capability gaps. Data Protection was chosen as the first domain to be assessed (out of 10 Domains, loosely tied to industry frameworks). This assessment required a methodology that was both lightweight and allowed for minimal resource investment, while still solving for detailed line item requirements.
The Data Protection team had previously focused primarily on data loss prevention, with some of the data classification, tagging and governance responsibilities shared across multiple teams leading to redundancy in toolsets and lack of a clear data protection strategy. A major request of the business was to identify a minimalized toolset that could cover data protection both on premise and in the Cloud, while still accounting for current data protection functionality as well as any material gaps identified during the assessment.
SOLUTION
Our team led targeted discovery sessions with key stakeholders to confirm self-assessment questionnaires, to ensure a minimum burden on already overtaxed cyber practitioners. Observations were captured at a granular level and subsequently mapped to findings, opportunities and primary owners. We structured all the to allow for robust and multi-level reporting, while also enabling further domains or subsequent assessment cycles. Secondary market research into leading data protection tools, tech stack and adjacent enablement tools supplemented and bolstered our findings.
All opportunities were scored, categorized and placed on a proposed roadmap to support strategic initiative efforts. The methodology and framework used to assess maturity of the Data Protection capability was captured as a playbook for the remaining domains within the cybersecurity function. Our goal with each opportunity profile was to identify actionable projects that would mature the cybersecurity and/or resiliency capabilities of the team (over short and long term horizons).
Finally, we packaged all the collected data and recommendations in a BI tool that sat on top of the opportunity database, including several templates for reporting and tracking. This initial effort was designed with the larger assessment framework in mind to ensure that all tools and frameworks could be re-used for subsequent domain assessments.
RESULT
The client slotted more than 35 refined improvement opportunities into a multi-year roadmap, including both “quick win” and “transformational” opportunities that we identified. Each opportunity was supported in the database by traceable findings, notes and research items to ensure that the assessment would have staying power and historical backing. Many of the major opportunities related to the ability to classify and track data in the Cloud, as on-prem was much more mature and the organization leveraged different cloud providers for different solutions. This allowed our team to help build a proposed tech stack that would maintain the coverage and capability set as compared to the current tools, and would allow for scalability to cloud-based applications as more and more of the infrastructure migrated from data centers.