Kopenhagen Konsulting was brought in to overhaul a security services sourcing strategy, which included insourcing critical Anti-Malware and Data Loss Prevention services. The goal? To tackle the challenges of inefficient detection and response processes, improve cost-effectiveness, and simplify operations by reducing reliance on multiple vendors while tightening internal control.

We kicked off by mapping out all security services, analyzing factors like management style (internal, external, hybrid), network coverage, strategic goals, costs, and effectiveness. By prioritizing services based on their importance to the Security Operations Center (SOC), we developed a framework to decide whether to insource or stick with external providers. We then created a solid business case for bringing the Anti-Malware and DLP services in-house, covering everything from benefits and risks to budget, resources, and a phased transition plan, which quickly earned approval from the CISO and CIO.

Leading a global project team across three continents, we drove the insourcing project to completion. Key tasks included hiring and setting up a new internal team of over 10 specialists, consolidating service activities from external providers, replacing and streamlining underlying technologies, defining new Service Level Agreements (SLAs) with vendors, and enhancing the overall process with thorough documentation.

This project’s success laid the groundwork for a strategic sourcing model for future security management. Highlights include:

• Around 50% cost savings and improved service delivery for Anti-Malware and DLP.
• Establishment of a forward-looking sourcing strategy.
• Completion of the insourcing project on time and within budget.