ISE® Central Project Award Nominees 2018

Astra on AWS
Executive Sponsor: Brian Rexroad, VP – Security Platforms, AT&T
Project Team: Dan Solero, AVP Technology Security, Ed Hope, Lead Technology Security, Fred Meyer, Sr. Member of Technical Staff, Sean Haver, Principal Technology Security, Joaquin Montoya, Sr. Technology Security, Mike Stair, Lead Member of Technical Staff, Chris Moran, Sr. Member of Technical Staff, and John O’Cone, Sr Business Mgt
Location: Dallas, TX

The Astra on AWS project was created to develop a cloud protection solution to help assure AT&T’s data in public cloud is not at risk. This project integrates AWS capabilities with vendor-provided SaaS technologies to not only embrace AT&T’s cloud IT strategy but do it in a manner that we can be confident it is secure.

Flood 2.0
Executive Sponsor: Brian Rexroad, VP – Security Platforms, AT&T
Project Team: Mike Nanashko, Director Technology, Fred Stringer, Lead Member of Technical Staff, Donald Chong, Associate Director Technology and Glenn Hochberg, Principal Member of Technical Staff
Location: Dallas, TX

The Flood 2.0 platform processes over 1 trillion records daily. Flood 2.0 analyzes flow data generated from AT&T’s IP and Mobility networks to identify malicious activity targeting services, customers, and infrastructure. It provides automated security analysis tools based on customized software, proprietary research algorithms, and commercial products to report network threats using techniques to detect anomalous changes in normal traffic behaviors. These threats are indicators of future events or real-time attacks against vulnerable targets including scanning, virus propagation, Botnet Command and Control (C&C), Distributed Denial of Service (DDoS), fraud/abuse, DNS fast-flux, and data exfiltration.

AT&T CSO Smart City Security Simulator
Executive Sponsor: Karthikeyan Swarnam, VP – Security Architecture, AT&T
Project Team: Barbara Laing, Director Technology Security, Aleksey Ivanov, Principal Member of Technical Staff, Don Heatley, Principal Technology Security, and Carey Joseph, Lead Member of Technical Staff
Location: Warrenville, IL

AT&T’s Smart City Security Simulator is a training and visualization tool that demonstrates security aspects of various IoT and Smart City technologies and allows users to run cyber-attack scenarios while learning about potential outcomes provided by intelligent simulation engine. The Security Simulator is made up of a physical model of a city, augmented reality components, and planned remote virtual experiences. The project is designed to be flexible for future alignment with future corporate Smart City plans.

Business Resilience – Changing the Culture from Continuity to Resilient Enterprise
Executive Sponsor: Scott Pettigrew, VP and Chief Security Officer, HMS
Project Team: Latasha Robinson and Tosha Terry-Lee
Location: Irving, TX

From integration, to automation, compliance to communication, the HMS Business Resilience Program is an integrated enterprise wide program that applies automation for monitoring world events, including HMS infrastructure technology, such as, servers, networks, and assets. It provides consistent change monitoring and management by automating the updating of infrastructure changes for their business impact analyses and recovery procedures. It allows HMS to demonstrate compliance with HITRUST, ISO, and SOC frameworks, which ensures the standardization of control information. This cultural shift positioned HMS in pursuing a ‘Resilient Enterprise’ designation from an international continuity program leader.

Secure Cloud Infrastructure
Executive Sponsor: Scott Pettigrew, VP and Chief Security Officer, HMS
Project Team: Michael Madero – Manager, Security Architecture and Mark Ma – Security Architect
Location: Irving, TX

The objective of the Secure Cloud Infrastructure was to create an environment that could support highly sensitive data and meet HMS's high security standards while complying with government and commercial compliance frameworks. The successful implementation of this project has allowed HMS to achieve fast and consistent application deployments that leverage cross-platform single sign-on technology.

Security Risk Management & Assurance Program – Bringing it all Together!
Executive Sponsor: Scott Pettigrew, VP and Chief Security Officer, HMS
Project Team: Daryl Hykel, Manager Security Assurance
Location: Irving, TX

When implementing a security risk management program, a capability maturity approach is essential to success. This begins with an assessment to determine the current security policy and process maturity. HMS has adopted a security control framework which is measurable and managed and has layered its governance practices over this security model. This program has allowed them to tie together their initial program design methodology and have streamlined multiple authoritative sources into a common set of controls that are tailored for their organization.

horace mann
Blend the NOC and SOC Together, Creating an Integrated Operations Center (IOC)
Executive Sponsor: Sandy Figurski, Sr. Vice President and CIO, Horace Mann
Project Team: Eddy Wilson; Sr. Information Security Architect, James Bantner; Sr. Cyber Analyst, Tyler Gladu; Cyber Analyst, and Bryce Combs; Cyber Analyst
Location: Springfield, IL

Horace Mann set out to merge their NOC and SOC together into a single, blended platform creating an IOC (Integrated Operations Center) - one platform ingesting two environments. The team introduced security orchestration, automation and incident response tools to replace antiquated manual processes. This allowed them to meet mandated governance and compliance and decrease auditor enhanced fatigue. In parallel, the project delivered metrics driven report functionality for risk management that allowed newly created operational activities to be identified, addressed, and aligned to support Horace Mann’s business goals and objectives, including, meeting regulatory compliance for oversight transparency.

Morningstar Security Champion Program
Executive Sponsor: Ricardo Lafosse, CISO, Morningstar
Project Team: Dan Nellessen – IT Risk and Compliance, Praveen Jha – Software Security Architect, Brian Cameron - Software Security Architect, and Michael Allen – Chief Information Officer
Location: Chicago, IL

The Morningstar Security Champion is a grass roots program developed to assign individuals in product team resources to provide direct security oversight, security guidance, and acting as a channel to escalate security issues directly with the Application Security team. This program is the core component that fuels Morningstar’s internal metrics program that gamifies the reduction of vulnerabilities across the organization.

3P-VRM Program
Executive Sponsor: Shibu Thomas, Director, Information Technology & Security (CISO), Parkland Health & Hospital System
Project Team: Kai Kert, IT Security Architect Manager, Scott Langham, IT Security Architect and David Huff, Risk Analyst
Location: Dallas, TX

Parkland Health & Hospital System contracts with more than 248 vendors for on-site, hosted, and cloud solutions. To ensure good security controls are in place and risk is properly documented and managed, Parkland developed a 3P (3 Phase) risk analysis approach to vetting, analyzing, approving, and managing vendors before and after they are given access to Parkland networks.

MDSTAFF Automation Project
Executive Sponsor: Shibu Thomas, Director, Information Technology & Security (CISO), Parkland Health & Hospital System
Project Team: Kai Kert, IT Security Architect Manager and Kristin Hoppe, Epic Security Analyst
Location: Dallas, TX

Parkland Health & Hospital Systems continues to automate its systems to provide high quality, safe, and efficient care for patients. As a public academic medical center, a critical task is the verification of all provider credentials and ensuring they are current within EMR and all other systems. This is vital to any organization that must document that licensed providers have been granted privileges to practice in specific areas and under specific conditions. As recent as two years ago, this entailed countless hours of manual batch processing. With Parkland’s MDSTAFF automation project and the use of HL7, the credentialing verification process now takes a few hours per week and errors have been reduced by 75%.

Naughty Step Eagle
Executive Sponsor: Simon Tong, Global IT Security Manager, Schlumberger Limited
Project Team: Adnan Hussain, Tim Hergert, Kevin Kujawa, and Scipio Brook
Location: Houston, TX

Schlumberger evaluated an advanced threat detection capability from Cybraics that is based on artificial intelligence and machine learning, using a combination of data learning techniques, including unsupervised, semi-supervised, and supervised models. The purpose of the project was to see if they could detect threats and attacks in their environment that were previously unknown to them and also to evaluate how seamlessly they could integrate findings into their existing Information Security workflows for incident response.

Digital Transformation (IAM): Enterprise User Access Management / Shell Identity Management (EUAM | SIM)
Executive Sponsor: Scott Haynes, Enterprise IAM Programme Director, Shell
Project Team: David Fannon, Access Management, Special Projects and Michael Holste, IAM Program Manager
Location: Houston, TX

As part of a Digital Transformation initiative centered on Identity and Access Management, this project focuses on both enterprise access governance and enterprise access management. This initiative has two components: Enterprise User Access Management (EUAM) and Shell Identity Management (SIM). The project aims to automate the various security controls within Shell for all business-critical applications. This would bring all business-critical application on a common platform in terms of access management. The goal is to bring in the complete Segregation of Duties (SOD) ruleset of Shell under an automated platform to manage SOD, which is currently being done using spreadsheets or legacy tools. This will help enable automated certification campaigns for 60,000 users across the globe and insure compliance and satisfaction of audit requirements.

university of kentucky
Attivo Deception Network Project
Executive Sponsor: George Inkso, Director of Cybersecurity, University of Kentucky
Project Team: Heath Price (Associate CIO) and Michael Sheron (Security Analyst)
Location: Lexington, KY

The University of Kentucky chose to implement deception technology to augment their current security architecture in a way that allows them to see threats in real time and with a low false positive rate. This allows the University to reduce their meantime to resolution and increase KPIs. In addition, the University was interested in gaining real time analytics that allow them to perform gap analysis on current infrastructure and policies.

US Bank
Oracle Identity Manager 11G
Executive Sponsor: Jason Witty, EVP, CISO, U.S. Bancorp
Project Team: Linda Anderson, Information Security Specialist, Udaya Annae, Project Manager, Cynthia Bahr, Information Security Director - Identity and Access Management, Theresa Baker, Information Security Specialist, Mike Betz, Initiatives Manager, Chris Branson, Identity Engineer, Derek Dahlen, Director, IAM Lifecycle, Delivery & Controls, Scott Deery, Project Manager, Ronda Deutsch, Initiatives Manager, Traci Drapela, Admin Manager, Information Security, Dale Erickson, Information Security Specialist, Alex Friedrichsen, Information Security Specialist, Brian Griffin, Manager, Information Security, John Hunter, Information Security Services PMO Portfolio Lead, Melissa King, Initiatives Manager, Jaime Lopez, Information Security Specialist, Rebecca Lower, Information Security Specialist, Mary Maflin, Information Security Specialist, Brenda McCauley, Information Security Specialist, Beatrice “Yvonne” McRae, Project Manager, Nikki Myers, Manager, Information Security, Amy Nicholas, Information Security Specialist, JoAnn O’Rourke, Senior Manager, Information Security, Dickson Oyaro, Business Analyst, Gboyega Oyeymi, Manager, Information Security, Edward Palmer, Information Security Specialist, Doug Ritari, Application Developer, Molly Rolland, Information Security Specialist, Becky Schmitz, Business Analyst, Mustafa Syed, Information Security Tech Consultant, Russ Terrell, Information Security Specialist, Indiran Thirumani, Senior Manager, Information Security, Paul Urevig, Information Security Specialist, Phil Vander Haar, Senior Manager, Information Security, Zachary Varner, Information Security Specialist, Jeff Wheaton, Information Security Specialist, Chase Williams, Admin Manager, Information Security, and Jason Zajicek, Manager, Information Security
Location: Naperville, IL

This project sought to rollout a centralized Identity and Access Management platform across U.S. Bancorp. The platform, “Access Management,” provides solutions to key workflows including, user access requests and approvals, automated provisioning via connectors, certifications for user access, role owner and entitlement owner reviews, manual provisioning queue management, and preventative SOD (Separation of Duties). The platform replaces multiple applications, delivering a reduction in costs, labor and redundant governance and controls. Additionally, it more efficiently supports the “least access” principle and reduces the number and frequency of audit findings related to identity, access, and elevated privileges.