The Challenge
UPGREAT AG; a Swiss-based cloud solutions and IT service provider was looking for a strategic partner to strengthen their architecture, build stronger defense systems, and improve their internal controls and operational processes.
How we solved it
Since 2018, Arco IT has acted as the dedicated CISO for the client. By managing the central coordination of all activities related to IT security, we continuously monitor, assess and respond to the changing threat landscape.
In case of cyber attacks, the CISO helps evaluate the situation and coordinate activities. In addition, the CISO ensures management and staff are regularly updated on changes in cyber security, and advises on how the company can be better positioned in this context.
First, the CISO measured the existing security maturity using CIS Controls and identified risk areas. Always working in collaboration with the IT team, the CISO helped develop a set of prioritized proposals to address the risks and received approval from the management to improve the technology and processes.
Since then, the CISO has helped the company continuously respond to the changing landscape of cyber attacks as well as the growing requirements of their customers. With operational and technical security well embedded into the company’s own systems as well as the IT environments of the businesses they support, the client can feel assured that their systems are in safe hands.
Finally, by achieving the desirable ISAE 3402 certification, the client has evidence of a safe and secure setup, expanding their ability to engage with the most demanding customers.
RESULTS:
- Security risks are continuously evaluated and company strategy is adapted as needed
- Internal teams and clients have a go-to person to handle any security questions and challenge
- Technical and operational processes are strengthened and developed in line with the threat landscape
- As an IT provider themselves, the client is able to showcase the Arco-implemented internal processes as a security benchmark for their own clients.