A client approached us to help them identify and reduce security vulnerabilities across a globally dispersed organisation with a highly complex IT infrastructure that had grown significantly over time. The client had a very small security team that was overwhelmed and struggled to drive remediation across technology teams who were also extremely busy.
We gathered requirements, classified assets managed by different technology teams, took time to understand how different technology teams worked across the IT function and proposed several options that did not rely on a central security team chasing technology teams to remediate vulnerabilities. After a few workshops, we were able to hone in on the best technology solution, agree on policies and define an approach that would truly embed vulnerability management across technology teams and help significantly reduce vulnerabilities across their estate.
Custom dashboards show each technology team the vulnerabilities for assets they manage; teams are now able to patch systems addressing vulnerabilities in a risk-prioritised manner. Trending reports are sent monthly to senior technology leadership, who can quickly identify which teams need additional support addressing vulnerabilities.
The Quartz team's solution has significantly lightened the burden on our small security team. Now, vulnerability management is integrated across the IT function, improving efficiency and response times.”