Large government entity that conducts research under the Department of Energy.

Business Challenge
Client determined that a comprehensive security operations assessment and gap analysis of their current Process and Technologies deployed in the environment should be conducted and a strategic plan developed to address the overall organizational security operation’s needs. 
Solution

During this engagement ISG completed a comprehensive assessment of the current security program, identified gaps and delivered a 5-year Security Strategy and Roadmap aligned with client’s mission.

This comprehensive assessment included all aspects of the unclassified portion of the information technology environment with the goal of documenting current implementations, determining the overall state of the information technology environment, and developing remediation strategies for any deficiencies identified. 

 

Leading provider of Quality Management tools on SaaS platforms.

Business Challenge
The client wanted to move from a legacy architecture to one based on Microservices and cloud platforms. In addition, there was no formal and consolidated security function within the organization or a roadmap for security and compliance.
Solution

ISG was engaged by Client to provide Security Advisory services to client security leadership and executive team. ISG conducted an initial Security Posture Assessment to evaluate current state. Once completed ISG developed a Strategic Security Program that included Information Security Program Framework, GRC, Threat Management, Security Architecture, and Incident Response. ISG also collaborated with client to develop the consolidated Security Organization structure in use today.

National medical group providing treatment for the chronic disease of addiction.

Business Challenge
The Company needed an assessment of their current security posture, relating specifically to CIS Controls, network and application security, and asset management.
Solution

ISG was engaged to deliver a comprehensive Security Postural Assessment, CIS Controls Assessment, and specified network and application penetration testing services.  This comprehensive assessment included all aspects of the information technology environment with the goal of documenting current implementations, determining the overall state of the information technology environment, and developing remediation strategies for any deficiencies identified.

National pharmaceutical wholesaler serving health systems, government, and the Department of Defense.

Business Challenge
The Company needed to conduct a comprehensive NIST CSF assessment and gap analysis of current Process and Technologies deployed in the environment and develop a strategic plan to address the overall organizational security operations needs.
Solution

 ISG was engaged to deliver a comprehensive NIST CSF assessment and security scorecard evaluation.  This comprehensive assessment included all aspects of the information technology environment with the goal of measuring the organizations current security maturity level and establishing a baseline risk management framework and corresponding security operations roadmap.

Leading provider of Learning Management Solutions for Healthcare customer on SaaS platforms.

Business Challenge
Client is a publicly traded Healthcare solutions company experiencing dynamic growth in both customers and application solutions. ISG developed and implemented a Security program that included Security Operations, Threat Hunting, Application and Cloud Security and implementing a DevSecOps model.
Solution

Invicta Solutions Group consultants designed conducted a Security Risk Assessment that included reviews of the People, Process and Technologies in lace and measured them against the NIST CSF framework and OWASPO SAMM Secure SDLC model. ISG implemented a 24x7 Security Operation Center with associated tooling, a Threat Intelligence and Threat Hunting capability and designed a Secure Cloud Hosting Model on AWS platform. Additionally, ISG developed an Internal Security Champions Framework to support the organizations 35 development teams and implemented DAST and SAST  tooling and process.

Provider of Telecom Management and Sourcing Solutions

Business Challenge
Client engaged ISG to respond to an incident the Technology Team discovered after an executive’s email was breached. ISG consultants responded to the incident and conducted a forensics investigation on client’s systems both on premise and cloud based. 
Solution

As part of ISG Advisory services offering, delivered incident response services, deployed EDR solution, led forensic investigation and imaging of impacted systems and implemented full vulnerability management solution. ISG consultants were able to identify and contain the incident in the first 24 hours and client systems were restored and fully recovered in 72 hours. Client subsequently engaged ISG to conduct security remediation efforts on their systems.

Leading provider of marketplace and group booking platforms for the hotel industry.

Business Challenge
Client was challenged by security issues in their multiple AWS environments and needed assistance configuring operational access and designing a security roadmap for future growth.
Solution

ISG was engaged to deliver a cloud security assessment to review Client’s platform architecture deployed in AWS.  ISG reviewed the people, processes, and technologies associated with the Cloud Deployment and Operations and delivered a risk prioritization and remediation roadmap.