Analysis of key risk areas and current best practice for core digital systems.

Faced with increasing legislative requirements and a complicated IT service hit by sophisticated Cyber Security and Privacy threats, Generali asked us to help them understand the key risk areas and current best practice for their core digital systems.

Although they were required to undergo frequent audits at an enterprise level, these audits tended to look at general controls or topics, and Generali identified the lack of review of the end-to-end processes for six core business systems.

They recognised the importance of engaging a specialist independent organisation to conduct this review and provide the validation of risk level required to ensure full transparency for their customers and satisfy regulatory bodies.

“The specialist expertise and skills presented by the Leading Resolutions team enabled us to cut through what was a highly complex and challenging piece of work. With high expectations and visibility from our board, they delivered speed and accuracy that we would never have been able to achieve ourselves.”
CIO
Generali

Given the sensitive nature of the data being managed within Generali’s core systems, we recommended an approach based on the NIST Cyber Security Framework (CSF). This would provide Generali with consistent output across all systems with regards to cyber security risk management and opportunities for improvement. In addition, we reviewed each system’s compliance with GDPR to ensure there were no areas of concern.

We undertook a three-step approach based around the NIST Cyber Security Framework: core system documentation review, site visits to look at the systems, and assessment of the contractual positions. We also conducted a cradle-to-grave view for one business critical system.

The Solution

We documented the assessment findings and delivered a core application review report for discussion with the Board. The report provided a high-level overview of the risks identified and led to the approval of a number of cybersecurity and governance initiatives. It also informed Generali of any systems that required a more detailed assessment and analysis.

We mapped the identified risks to the NIST Cyber Security Framework to create a core application risk register.

Approved cybersecurity initiatives: adoption of a standard software development life cycle (SDLC), introduction of a security incident & event management system, recruitment of a Vendor Manager and a Security Officer, and enhanced governance measures.