Mon, May 27, 2024

Kroll Assists Entertainment Conglomerate in Achieving Holistic Digital Transformation with Cloud Native Security Platform Implementation

Discover how Kroll partnered with their client to gain a comprehensive understanding of its unique infrastructure and security needs, identifying gaps and recommending data-driven insights to achieve a sustainable and highly effective security program.

The Challenge

Kroll Assists Entertainment Conglomerate in Achieving Holistic Digital Transformation with Cloud Native Security Platform Implementation | Kroll

An entertainment company, a pioneer in the industry for close to a century, has morphed into one of the largest and most recognizable media conglomerates across the globe. Keen on achieving a holistic digital transformation within stringent timelines, the organization sought an enterprise-scale cloud security service provider to oversee the migration and secure configuration of its expansive data centers to the cloud.

The company's business plan included a mandate to gradually decommission all data centers within a two–to–three–year timeline and transition to the cloud. This shift signified a considerable increase in the use of cloud service providers across the organization.

To ensure the total security of the cloud migration process, the company needed comprehensive visibility into cloud services, activities and security configurations, and sought proactive support to facilitate the transformation.

Having previously worked with Kroll on other projects, the entertainment company had already cemented their trust in Kroll’s competence and appointed the team for this job to be done.

Kroll's Solution

Kroll Assists Entertainment Conglomerate in Achieving Holistic Digital Transformation with Cloud Native Security Platform Implementation | Kroll

In order to execute a successful digital transformation initiative, the media firm enlisted Kroll’s expertise to design a highly effective Cloud Native Security Platform (CNSP) with three key objectives in mind:

  • Document compliance checks
  • Discover and uphold best practices
  • Provide recommendations for proactive cloud activity monitoring to detect and prevent potential attacks

Kroll employed its extensive cloud security consulting knowledge to deliver exceptional results on this engagement, which included configuring the CNSP tool and facilitating open discussions with the client team to refine alerts, train staff and establish context around the implementation process.

Kroll worked closely with the client to gain a comprehensive understanding of their unique infrastructure and security needs, collaborating with the client's Cloud Information Security (CIS) team to identify any gaps between their existing security measures versus what was required to develop a strong cloud security program. Throughout the engagement, Kroll remained actively involved in the process, providing essential insights and data-driven recommendations to the CIS team, which were then presented to the governance board. Additionally, Kroll presented mapping that aligned the client's current information security policies with the best practices for their business needs, cloud implementation and goals.

The primary deliverable of the Kroll engagement was a fully operational CNSP implementation that reflected the critical compliance checks and best practices established by the client team. Kroll provided a detailed assessment of the existing CNSP tool, which identified areas requiring improvement to meet the client's security and compliance goals. A comprehensive checklist was compiled and presented to the tool's product team, ensuring the CNSP would be upgraded to better serve the client's needs. Overall, Kroll went above and beyond to ensure that the client had a sustainable and highly effective security program that aligned with their client’s business goals and objectives.

The Impact

Kroll Assists Entertainment Conglomerate in Achieving Holistic Digital Transformation with Cloud Native Security Platform Implementation | Kroll

As a result of working with Kroll, our client has experienced numerous benefits. One of the significant advantages is the internal adoption of the CNSP. Within large enterprises, it can be challenging to gain buy-in for security measures. Kroll assisted the client's CIS in developing a baseline configuration for CNSP, which helped to get initial teams onboarded. Furthermore, the credibility of the tool was established, and internal teams were convinced that CNSP would aid in achieving security and compliance goals without causing delays.

Another advantage is better management of cloud services compliance. CNSP's sound base configuration has eliminated the need for day-to-day decisions on setting up new instances or accounts.

Consequently, the CIS and various security teams within the company can get up and running quickly and can plan ahead for expansion from the most critical assets and checks. Increased automation of cloud configuration is an additional benefit that Kroll has brought to their client. CNSP offers cloud security configuration and automation features that can save time, especially for large companies. To allow CNSP to make sensitive security configurations in an automated manner, trust in both the tool and the configuration is necessary. Kroll's assistance built the trust required, enabling teams within the client to embark on increasing security automation in the cloud.

Lastly, Kroll identified a flaw in Amazon Web Services (AWS)'s encryption handling during the implementation process. Coming up more often than expected, Kroll found that the client's internal documentation did not contain all the necessary information to configure encryption on user accounts effectively. By providing the entertainment company with feedback, Kroll helped their client improve its onboarding documentation process.

Need help staying ahead of a complex challenge?

Talk to an Expert


Cloud Security Services

Kroll’s multi-layered approach to cloud security consulting services merges our industry-leading team of AWS and Azure-certified architects, cloud security experts and unrivalled incident expertise.

Application Security Services

Kroll’s product security experts upscale your AppSec program with strategic application security services catered to your team’s culture and needs, merging engineering and security into a nimble unit.

Discover More Client Stories
Seamless Response to Ransomware and a Cyber Resilience Upgrade
Client Story
Seamless Response to Ransomware and a Cyber Resilience Upgrade

Seamless Response to Ransomware and a Cyber Resilience Upgrade

April 4, 2024
Learn how Kroll’s support has enhanced cyber resilience and fortified our client’s cybersecurity strategy.
Client Stories
Resolving a highly complex security breach for a Global Multinational

Resolving a Highly Complex Security Breach for a Global Multinational

February 14, 2023
Discover how Kroll employed its integrated expertise in Cyber Security Services, Financial Fraud, Workflow Assessment, and Physical Security Services to resolve and enable a fast recovery from the damage caused by a highly complex security breach.