Protiviti's Security Platform Rationalization Tool - 6 Week Assessment


Understand your current security solutions compared to those included in Microsoft’s E5 enterprise licensing to identify potential security gaps, tool redundancy, and cost reduction.

The primary purpose of Protiviti’s Security Platform Rationalization Tool is to understand the client’s current security solutions compared to those included in Microsoft’s E5 enterprise licensing to identify potential security gaps, tool redundancy, and cost reduction opportunities in Microsoft 365.

Rationalization Tool Objectives and Methodology

  1. Document capabilities and tool costs for the existing security solutions
  2. Compare current capabilities to those included in Microsoft’s E5 licensing and identify areas of redundancy and overlap. Align capabilities to cybersecurity frameworks (CIS & NIST)
  3. Analyze capabilities against the most common successful attack vectors* to determine how each is being addressed with current security solutions
  4. Recommend prioritized security solution changes to address security gaps & capability redundancy
  5. Create a phased implementation roadmap to address the following: Critical security control gaps, Tool redundancy with consideration for existing dependencies, Immediate wins, and Cost and alignment with contract expiration timelines

Summarized below are the key takeaways and recommendations identified through the security solution rationalization review.

  1. Implement capabilities and security best practices
  • Takeaway: Opportunities were identified to add capabilities to mitigate common attacks across the enterprise.
  • Recommendation: Implement best practice configurations such as enterprise access model to restrict the spread of privileged account credential caching.
  1. Reduce capability redundancies
  • Takeaway: Significant redundancy between current tools and Microsoft licensed capabilities resulting in increased spend.
  • Recommendation: Implement Microsoft to replace redundant tools and reduce duplicative spending.
  1. Improve security tool integration
  • Takeaway: Limited integration between multiple-point solutions does not enable cross-feed correlation during the detection and response of security incidents.
  • Recommendation: Implement recommended Microsoft tools to capitalize on their integration. Microsoft purpose-built its security suite with integration as a core component to enable one view that unifies information from all parts of the security stack.
  1. Under utilization of current tool capabilities
  • Takeaway: Certain capabilities in the client’s security stack have not been implemented due to factors such as resource limitations, resulting in a limited return on investment.
  • Recommendation: Prioritize implementing current tool capabilities with the greatest reduction to security risks.
  1. Potential for Risk
  • Takeaway: Implementation of new tools and capabilities requires extensive planning, training, project management, and potential process and culture changes.
  • Recommendation: Consider the risks associated with recommendations provided in this strategy/roadmap

Pricing varies depending on size of environment and applications

Бърз преглед