Accelerate secure cloud adoption for mission-critical workloads
Client: North American financial institution
Today's issues: Cybersecurity, Privacy and Financial Crime
A major North American bank with a focus on cloud-first technology expansion reached out to us to make sure the work underpinning its cloud-first journey was clearly evaluated and understood by key stakeholders.
The client needed a comprehensive view of the cloud security governance capabilities and how they should operate. To make sure cloud adoption efforts are managed, a detailed target operating model for public cloud was required. In addition, the client needed a way to integrate cloud-specific controls with enterprise control objectives and ensure the roles and responsibilities for securing public cloud would be well understood by many technical teams and partners.
We clearly understood our client’s challenges and built a governance program to account for people, process and technology. Listed below are some of the key actions our team took to help build technical and business alignment.
Designing of the cloud security target operating model ensured alignment on ownership, technical decisions, executable roadmap and downstream initiatives, and it enabled decision making by providing traceability of scope to the overarching strategy, vision and anticipated benefits.
By uplifting security controls and filling the existing gaps and a well-defined security configuration and protection program for cloud workloads (cloud workload assurance), we helped increase visibility and stakeholder trust. Furthermore, we helped our client identify security improvement opportunities in their enterprise delivery pipeline to increase performance through automated security checks.
The target-state architecture deliverables have been maintained by an enterprise architecture team and have been leveraged in many instances for architecture decisions and as a standard reference for architecture verifications. In addition, the capability map has been leveraged to develop a maturity roadmap and assessment framework for the cloud transformation program.
Cloud data security deliverables have enabled the bank to migrate the corporate data analytics platform to the cloud and benefit from virtually unlimited computing and machine learning capabilities.
Partner, Cybersecurity, Privacy and Financial Crime and National Cybersecurity Leader, PwC Canada
Tel: +1 604 806 7603
Senior Manager, Cloud Security, Cybersecurity, Privacy and Financial Crime, PwC Canada