Amid a wave of high-profile cyber attacks like WannaCry and NotPetya, we were tasked with transforming and enhancing the global Security Operations Center (SOC) / Cyber Defence Center (CDC) for a leading pharmaceutical company. Our goal was to significantly boost their capabilities and elevate their cyber resilience to match industry leaders.

We led a transformative two-year journey, guided by a Board of Directors and a steering group of senior management. The program, based on initial maturity assessments from an external vendor, was split into two distinct phases. Phase 1 focused on overhauling the SOC/CDC structure to support round-the-clock operations, setting up new teams for threat management and business support, hiring key staff, and introducing technical improvements, a service catalogue, and crisis management processes. Phase 2 emphasized the implementation of rigorous metrics, establishing processes for patch and vulnerability management, forensic investigations, employee training, and enhancing the SOC’s 24/7 detection and response capabilities.

The program brought about major advancements in the company's cyber resilience, making information security a top priority at the executive level. The success is clear in several areas:

• Cyber maturity leaped from the first to the fourth quartile of industry benchmarks.
• SOC capabilities now stand out with full 24/7 coverage.
• Information security became a top priority within the executive ranks.