ISE® North America Project Award Nominees 2020

Academic/Public Sector Category

Identity Access & Governance Data Transformation
Executive Sponsor: Britani Tullier, Senior Director Information Security
Project Team: Herbert Travis (Manager of Security Operations), Michael Johns (IAM Application Admin), Malcolm Richardson (IAM Manager)
Location: Baton Rouge, LA

The project's goal was to implement and replace a 4-part homegrown identity and access governance solution. There are several phases to this project, and phase one was Access Attestations — this step will end on September 30th. This project incorporates leaders across 10 hospitals and hundreds of clinics to review their employees' and contractors' access. This audit will also check the entitlements, and the owners will need to sign off on the membership. Our healthcare system completes this process annually.

UNDP Cybersecurity Response to COVID Crisis
Executive Sponsor: Paul Raines, Chief Information Security Officer
Project Team: Alexey Kuzmenko (Security Analyst), Sandra Jourdain (Security consultant), Yerim Fall (Security Analyst)
Location: New York City, New York

The cybersecurity unit took actions that allowed UNDP to continue to meet its global mission of providing humanitarian assistance to developing countries despite working remotely. Just prior to the crisis they tested and improved the business continuity plan to ensure the organisation was prepared. During the crisis they defended the organisation against numerous hacking attacks, wrote policies to support working remotely, provided cybersecurity training to employees on the new work situation, worked with law enforcement authorities on a criminal case against a criminal hacker group and supported UNDP’s digital transformation through cybersecurity assessments of new systems and applications.

Commercial Category

Cloud Transformation: Building Automated Cloud-native Security and Governance
Executive Sponsor: Almir Hadzialjevic, VP of Enterprise Risk and Security
Project Team: David Nolan (Director, InfoSec), Jeremy Brooks (InfoSec Architect), Abigail Johnson (Senior Security Engineer), Joshua McNair (Infrastructure Principal Engineer), John McAleer (IAM Engineer), Joseph Moore (Systems Engineer), Eric Simmons (Lead AppSec Engineer), Stuart Lane (AppSec Engineer)
Location: Atlanta, GA

Aaron’s Technology and Information Security teams formed a joint cloud adoption and governance task force. Over the past year, this task force was able to improve security, reduce costs, and improve overall cost management in Aaron’s Azure environment. Due to the lack of existing commercial technologies and tools, the team shifted to a cloud-native approach by creating customized integrations and automation using Azure native functionality and open source tools to achieve leading security. This allowed Aaron’s to improve visibility, automate event alerting and remediation and as a result, reduced MTTR to milliseconds.

Project Eureka: Building an Automated Approach to Privacy on a Lean Budget
Executive Sponsor: Almir Hadzialjevic, VP of Enterprise Risk and Security
Project Team: Daniel Pugh (Sr Information Security Engineer- Project Lead), David Nolan (Director- Information Security), Ed Bonapfel (Legal Counsel), Kevin Leclair (Director- Software Engineering- Digital Leasing Solutions), Eric Simmons (Security Software Engineer), Chitra Somu (Data Management Analyst- Information Intelligence), Eric Russell (Cloud Data Architect), Rahim Mosha (Sr. Database Engineer), Curtis Whitworth (Sr. Database Administrator), Steve Werntz (Sr. Director- Enterprise Data and Intelligence), LaDonna Nettles (Sr. Manager- Software Engineering), Jonathan Mutnick (Manager- Software Engineering), Hiren Patel (Director- Data Infrastructure)
Location: Atlanta, GA

Project Eureka was an enterprise-wide initiative led by Aaron’s Information Security team and supported by Legal and IT to develop an automated, scalable, and sustainable framework for privacy management in order to comply with the California Consumer Privacy Act (CCPA) and any future local, state, and federal privacy laws.

In addition to enabling compliance with the CCPA and establishing a framework for complying with emerging privacy laws in an effective and efficient way, the project provided valuable insight into the business processes, systems, applications, data flows, and vendor relationships that will be leveraged by multiple stakeholders within the business for process optimization, risk assessments, and business continuity planning.

Milestone 0
Executive Sponsor: Bill O’Hern, Senior Vice President and Chief Security Officer
Project Team: Rebecca Finnin (Director – Cybersecurity), Amy Zwarico (Lead Member of Technical Staff), Samantha Kossey (Sr. Specialist – Cybersecurity), Christine Liu (Principal – Cybersecurity)
Location: Middletown, NJ

Milestone 0 redefines how AT&T introduces security requirements to applications. In large corporations, application teams may invest considerable time and effort to negotiate the volume and complexity of security requirements. They may deal with a lack of a centrally maintained list of security solutions, finding the right security SME for their projects, complexity of application architecture, and interpreting shared cloud responsibility. Milestone 0 allows all the application teams across the company to operate under a repeatable, self-service model to achieve security compliance by providing relevant requirements and available tooling solutions for automated enforcement based on users’ answers to simple questions.

Cynet Comp Controls
Executive Sponsor: Andrew Bjerken, Global Chief Information Security & Privacy Officer
Project Team: Ken Pascua (Director Security Risk Management), Nancy Wright (Manager Security Operations), Mike Stolarik (Manager Security Architecture & Engineering), Anthony Prezenchuk (Pres-n-shook) (Security Engineer), Mike Hamilton (Sr. Implementation Analyst), Chris Bates (Sr. Director Support), Dulani McLaurin (Dir Product Management), Marion Hamacek (GVP International), Roberto Luberti (IT & Ops Director, Italy), Kanako Nukagawa “Nuk” (Manager, Japan), Toshihito Takahashi “Toshi” (Director Technology, Japan), Jerome Husson (System & Network Dir, EU), Ana Walsh (Program Manager), Sarah Sensibaugh (Project Manager), Hannah Lawrence (Enterprise Agility Leader), Steve Stephenson (Dir of Quality Engineering), Barry Hauhe (Test Engineer II), Penny Boyer (Sr. Dir Brand Development), Heather Talerico (VP Sales Enablement), Michael Wiege (IT Dir (Germany), Moira Hinson (ED Corporate Communication), Stephen Miano (Lead Systems Engineer), Kevin Buley (Lead Delivery Engineer), Crystal Stainrod (Privacy Analyst), Rajkumar Karuppaiah (Raj) (Sr. Network Firewall Engineer), Srihari Balu (Sr. Financial Analyst), Premal Patel (GM UK)
Location: St. Petersburg, FL

Catalina maintains appliances in 45,000+ stores worldwide across 325+ retailer networks. These appliances enable one of Catalina’s primary revenue streams and must remain compliant to continue to operate. Catalina launched the Retailer Awards Compliance (RAC) project to achieve ongoing and demonstrable compliance with PCI, HIPAA, APPI, and GDPR. The project included Symantec MFA and Cynet to reduce risk, assure security and privacy for 430M consumers. Key control requirements included the ability to operate on the existing legacy hardware/OS base, anti-virus, application whitelisting, FIM, and 24/7 monitoring capability. The successful implementation included global coordination for individualized rollout plans for each retailer.

Project Risk Illumination
Executive Sponsor: Sudhanshu Kairab, Vice President, Cybersecurity Governance, Risk and Compliance
Project Team: Joseph Gallagher (Sr. Director, Cybersecurity Governance, Risk and Compliance), Saugat Sindhu (Program Transformation Lead, KPMG); Project Team Members: Kelly Russell (Sr. Manager, Third Party Security Assurance), Deep Patel, Manager (Third Party Security Assurance), Mark Bunge (Director, Cybersecurity Governance, Risk and Compliance), Haris Mohiuddin (Analyst, Third Party Security Assurance), Matt McGrath (Sr. Analyst, Third Party Security Assurance), Mahendra Churman (Attorney, Legal and Privacy), Walker Allen (Sr. Director, Comcast ServiceNow Product Manager), Jerry Hahn (Engineer, Comcast ServiceNow Support), Devakumar Sarangabani (Solutions Architect, KPMG)
Location: Philadelphia, PA

Project Risk Illumination was a transformative initiative to bring supply chain exposures to light, enabling clear risk based decision making through harmonized engagement across cybersecurity, legal, privacy and business stakeholders. Comcast leverages over 3000 Third Party suppliers in the delivery of diverse products and services to its Consumers. Given the expanding cybersecurity and privacy landscape, coupled with dependencies on Third Parties, this project was initiated to not only optimize technology solutions to illustrate risk factors associated with Third Parties, but also to enable cross-functional perspectives from all key stakeholders with real-time integrated self-service portals and dashboard reporting.

Cox + Cloud: The Ultimate Bundle
Executive Sponsor: Jemin Thakkar, Executive Director, Information Security
Project Team: Jason Weissman (Director, Security Architecture and Privacy), Stuart Keener (Senior Director, Data Protection and IAM), Brian Kelly (Cloud Security Architect), DJ McCall (Director, Infrastructure Platform Automation), David Botters (Manager, Infrastructure Platform Automation), Bob Boldin (Engineer, Infrastructure Platform Automation)
Location: Atlanta, GA

As the business wanted to leverage the scale of the cloud, Cox Communications Information Security embarked on its journey to enable the secure adoption of cloud platforms through technical capabilities and flexible self-service models. Information Security designed and implemented controls, leveraging both cloud-native and existing technology solutions. Information Security prioritized processes for access provisioning, privileged access management, threat detection and data protection for a holistic secure cloud capability. The collaboration across Cox’s Cloud Center of Excellence resulted in the implementation of a minimal viable cloud, permitting repeatable architectures, controls and uniformity across the cloud footprint.

Project Baywatch
Executive Sponsor: Brad Boucher, Deputy Chief Information Security Officer (CISO) and Vice President
Project Team: Michael Deal (Director, Technology)
Location: Sandy Springs, GA

To address Security’s challenge ingraining accountability across its business and an increasing need for enhanced stakeholder reporting; the team developed and implemented a cyber analytics and visualization portal; IRIS. IRIS empowers the cybersecurity team and its stakeholders to monitor, track, and report on the state of the cybersecurity program in a structured, centralized and automated means. IRIS is now Cox’s centralized portal for security practitioners, technology stakeholders, and business owners to view relevant metrics, dashboards, and reports impacting the organization's security posture.

Executive Sponsor: Tyler Young, Sr. Manager, Head of Cybersecurity
Project Team: Liz Zelko (Sr. Cyber Security Analyst), Kyle Kurdziolek (Cyber Security Analyst)
Location: Chicago, IL

This intelligence feed is aimed at filling a threat intelligence gap within the legal industry by collecting and providing industry specific Indicators of Compromise (IOCs) to any legal or legal adjacent entities looking to build or improve upon their security program and posture. This feed is aggregated from several sources, including SaaS e-discovery environments, our network of legal specific honeypots and other open source intelligence feeds.

CyberSOC to Enable Digital Journey
Executive Sponsor: Mario Chiock, Fellow, Cyber Security
Project Team: Cybersecurity Engineering: Jean-Loup Bevierre (Core Assets Cyber Security Engineering Mgr.), Tan Hung Hoong (Cyber Security Automation and Tooling Mgr.), Himali Saxena (IT Security Automation Engineer); CyberSOC: Andrey Melnikov (CyberSOC Mgr. – Western Hemisphere), Saptoto Aji (CyberSOC Mgr. – Eastern Hemisphere); Schlumberger Leadership: Ashok Belani (CTO), Mario Chiock (Fellow, Cyber Security), Sebastien Lehnherr (CIO); John Driggers (Digital Security Director)
Location: Houston, TX

As a large, global organization undergoing digital transformation, Schlumberger needed to more effectively prioritize and manage an increasing number of security alerts and a shortage of talent while maintaining a more consistent process for alert handling and response. The CyberSOC project deployed a Next Generation Cyber Security Operations Center using cutting-edge technologies and promoting Schlumberger Cyber Security as a differentiating capability to enable Schlumberger’s Digital transformation journey. By introducing orchestration, automation, and best-in-class tools, Schlumberger increased the number of incidents handled per month by up to 10× within the first year while increasing the engagement and motivation of the team.

Phishing Protection Plan
Executive Sponsor: Cassio Goldschmidt, Head of Information Security/Sr. Director
Project Team: Nikolai Klyukach (St. Tech PM), Paul Intrarakha (Security Architect), Chetan Bhatnagar (Dir Corp Sys & Insights), Steve Shamaly (IT Ops Manager), Tarun Patel (Sr. Application Admin), Tristan Wilson (Sr. Application Admin), Dana Michels (Associate General Counsel)
Location: Glendale, CA

Phishing Protection Plan is a multifaceted and innovative program enacted to protect the business and raise employee awareness about fraudulent attempts to obtain sensitive information. Phishing Protection Plan reinvented how ServiceTitan employees participate in phishing tests; completely redesigned company training; brought a renowned social engineer to test their process; and enhanced automated defense with state-of-the-art services.

Access Review & Credential Entitlement
Executive Sponsor: Steve Mosley, Sr. Manager Data Center Security & Compliance
Location: Atlanta, GA

Each year SITA’s Internal Audit department undertakes a manual review to do access reviews for its 4700 employees across multiple applications worldwide in accordance with ISO27001.This onerous process is repeated every three months. SITA embarked on a project to automate access reviews, reduce human errors and improve overall identity management by rolling out an Identity Governance and Administration (IGA) program across its employee base.

southern company
Detection & Monitoring Critical Infrastructure
Executive Sponsor: Curley Henry, Executive Director, Deputy CISO
Project Team: Steve Sanders, Tony Ondrus, Chris Taylor, Guy Palmer
Location: Atlanta, GA

Southern Company has many regulatory and compliance requirements as a critical infrastructure provider required to reduce risk of threats that can disrupt the energy grid. An exponential number of Operational Technology devices are connected to the network that traditional best practice security approaches cannot solve that introduces unique challenges for compliance. This project was designed to meet these requirements while partnering with the Line of Business to ensure minimal to no business disruption.

Southwest Session Extension
Executive Sponsor: Mandy McBride, Manager of Desktop Channel Strategy
Project Team: Zane Wu (Sr Software Engineer), Nash Gounden (Project Manager), Nick Wood (Business Consultant Digital Performance), Caitlin Savage (Business Consultant Digital Desktop Projects)
Location: Dallas, TX

Southwest Airlines web customers were challenged with a 30 minutes timeout session before they would be automatically logged out. SWA partnered with Shape Security, using Shape Recognize to extended users sessions to 7 days without increasing fraud. Shape Recognize proved to extend user session for known good users, without any increase in fraud and providing an increase in customer conversions. The upside from a revenue perspective has the potential to increase online sales by millions annually, improving customer experience and reducing overall fraud.

Tackling a Secure Merger Like a Champion
Executive Sponsor: Dwaine Omyer, Vice President, Digital Security
Project Team: Krina Snider (Sr. Project Manager), Kristy Estabine (Project Manager), DeSean Raimey (Sr. Manager), Humberto Moreno (Sr. Project Manager)
Location: Bellevue, WA

T-Mobile’s goal was to unite and combine the information security resources of T-Mobile and Sprint in a Super Bowl effort, bringing customers the connectivity, service, and security they need. The merging of these entities would allow new plays, new tackling sequences, and new coaching to take the telecommunication world to an entirely new level with the arrival of the New T-Mobile. After overcoming the odds, preventing sacks, and withstanding delays from unforeseen penalties, we built a transformative nationwide 5G network connecting every T-Mobile customer. With T-Mobile's low-band and Sprint's mid-band spectrum, we're building the highest-capacity nationwide network in history.

Zero Trust and Software Defined Perimeter (ZT/SDP)
Executive Sponsor: Dwaine Omyer, Vice President, Digital Security
Project Team: Aryan Taheri (Principal Architect), Scott Lewis (Principal Engineer), Erik Rudd (Director), Koveh Tavakkol (Sr. Manager), Michael Zwarts (Principal Engineer), Bob Lynn (Sr. Manager), Fredrik Lindstrom (Security Architect), Joel Burt (Project Manager)
Location: Bellevue, WA

T-Mobile’s Zero Trust and Software Defined Perimeter (ZT/SDP) initiative is about evolving our security culture and controls from an archaic “Castle Walls” perimeter-based strategy to a next generation security strategy where we intentionally assume our adversary is already inside the castle—on the network—and yet we should be able to strip away any tactical advantage the adversary would have. Achieving this game changing Defense in Depth requires a Software Defined Perimeter where we can cloak our end user applications to a stealth mode, invisible and unreachable by attackers even if they knew the IP addresses of applications.

Executive Sponsor: Tony Spurlin, Vice President & Chief Information Security Officer
Project Team: Amanda Deusenbery (Director – Security Engineering), Jason Nystrom (Director – Identity & Access Management), Milt Curtis (Applications Programmer), David Holmes (Sr. Security Engineer), Sam Adewale (Security Engineer), Nell Gainer (Sr. Security Consultant), Brian Cullinan (Sr. Security Engineer)
Location: Atlanta, GA

WINAuth is a highly scalable authentication and access management capability designed and built by Windstream Enterprise Information Risk & Security to provide identity and access management (IAM), user access certification, single sign-on (SSO) and Multi-factor authentication (MFA). The WINAuth solution serves all Windstream customers, consumers, employees, vendors and third-parties by delivering a secure, frictionless, single sign-on and multifactored authentication service for over 1.6 Million user accounts. This mission critical capability has not only improved the security and user experience for our over 1.6 million users it was also critical to the success of Windstream’s new PCI compliant product and services delivered to our enterprise customers.

Financial Services Category

EFX Cloud Control
Executive Sponsor: Zach Tisher, VP, Security Risk
Project Team: Jone Le (Director, Global Security Asset Risk), Marcos Calderón (Information Security Risk Consultant), Shahid Shaikh (Information Security Consultant), Jerry Liu (VP, Global Security Engineering), Daniel Dartnell (Project Manager), Abdul Asfour (Security Architect), Bradley Lemming (Lead Security Engineer), Lonnie Harris (Director, Security Engineering), Amanda Mason (Scrum Master), Troin Artis (Security Engineer), Joe Coniglio (Security Engineer), Ben Oludotun (Platform Service Engineer)
Location: Atlanta, GA

Equifax Cloud Control is the paradigm shift always desired for third-party risk but never offered until today. With this solution offering a real time view into the operating effectiveness of the security control environment, gone are the days of low assurance, point-in-time, questionnaire based assessments. After accomplishing the original goal of giving real-time visibility into the security control environment internally, Equifax made the decision to offer EFX Cloud Control to its clients in order to provide transparency and initiate the shift towards a new industry standard for third-party risk management

Refinitiv NextGen Security Operations Transformation
Executive Sponsor: Patrick Sullivan, Head of Security Operations
Project Team: Thomas Willbye (Project Manager), Michael Sviben (Director - Offensive Security Operations), Corinne Bertolino (Director - Threat & Vulnerability Management), Jack Radigan (Director - Threat Detection Operations), Donna Goddard (Director - Data Loss Prevention), Will McGregor (Director - Cyber Incident Response Team), Bappa Dey (Director - Cyber Threat Intelligence), Madhu Nadig (Manager - Security Platform Services)
Location: Hoboken, NJ

In October 2018, Thomson Reuters (TR) divested Refinitiv in a $17 billion transaction with Blackstone which split the cyber security function and resulted in coverage gaps for both companies. To enable this transaction, Refinitiv’s Head of Security Operations, Patrick Sullivan, led the NextGen Security Operations Transformation Program to rapidly build and enhance Refinitiv’s solutions and capabilities. Over the course of 21 months, Refinitiv established a robust Cyber Security Operations function, building 3 global Security Operations Centers (SOCs), and maturing capabilities across Security Monitoring, Incident Response, Digital Forensics, Offensive Security, Threat Detection, Vulnerability Management, Data Loss Prevention, and Cyber Threat Intelligence.

Cyber Fusion Center
Executive Sponsor: Kevin Gowen, Chief Information Security Officer
Project Team: Robert Nixon (Cyber Fusion Center Lead), Aaron Fisher (Information Security Analyst), Teraney Montgomery (Information Security Analyst), Patrick Barnes (Information Security Engineer), Vincent Vu (Information Security Analyst), Donya Jenkins (Financial Crimes Detection Specialist), Ryan McDonald (Information Security Architect), Lee Himes (Sr. Dir., Information Security), Marissa Page (Information Security Co-op)
Location: Columbus, GA

Connect the people, processes and technology within Information Security, Financial Crimes and Information Technology to promote information sharing and produce a more efficient, informed, and secure organization. Standardize, consolidate, and streamline communication and processes and leverage automation where possible, to reduce the mean time to respond to cyber and fraud-related events. Areas included, but not limited to, Security Operations Center, Financial Crimes Unit, Identity and Access Management, Physical Security, Threat Hunting, Cyber Threat Intelligence, Vulnerability Management, and Incident Response.

Health Care Category

Quacking the Code: Aflac’s Global Malware Analysis Program
Executive Sponsor: Tim Callahan, Senior Vice President, Global Security Officer
Project Team: DJ Goldsworthy (Director, Security Operations & Threat Management), Ben Harbin (Manager, Threat Management)
Location: Columbus, GA

The goal of the project was to proactively combat today’s cyber threat by leveraging the very same resource used by criminals: malware. Aflac first collected malware from sensors distributed in the United States and Japan, and then analyzed and incorporated the findings into defensive capabilities. Using the thousands of malicious samples sent to Aflac via email each day, the team deconstructed and analyzed the malware to extract precise indicators of compromise. The information was then tagged and organized in Aflac’s threat intelligence platform. The automatic orchestration ensured relevant data was then pushed to defensive technologies, strengthening Aflac’s overall security posture.

Avanos Medical - Cyber Security Transformation
Executive Sponsor: Elias Nyankojo, CISO
Project Team: Scott Stanton (Former Interim CISO), Elias Nyankojo (CISO), Pradeepthi C (Sr. Security Engineer), Javier Martinez (Sr. Security Engineer), Carl Springer (Security Engineer), Daniel Li (Security Engineer), Giuliana Vela (Security Operations Engineer), Camille Hines (Security Operations Engineer)
Location: Alpharetta, GA

In May 2018, Halyard Health was divested from Avanos Medical. During the divestiture, Avanos took advantage of the opportunity to modernize its legacy systems. Over the following 18 months, Avanos undertook a 100% greenfield cloud-first IT transformation. This transformation scope was IT systems for all business organizations including Supply Chain, Finance, HR, Quality, Customer Service, Sales, R&D, and Regulatory. During this IT transformation, Avanos implemented a brand-new cyber security program including new security infrastructure, software, architecture, governance, policy, process, operations, organizational structure, and outsourcing model.

COVID-19 Cybersecurity – Protect the Patient
Executive Sponsor: Mark Leary, CISO
Project Team: Enoch Long (Cyber Operations Director), Gregg Cortese (Technology Risk Director), Stephen Huvane (Engineering Director), Jeff Bayzk (IT Operations Director), Diarmuid O’Sullivan (Cyber IR Manager), David Glosser (Threat & Vulnerability Manager), Keith Keimig (Security Monitoring Manager), Christopher Filor (Security Analyst), Henry Howland (Security Intern)
Location: Tarrytown, NY

Regeneron’s “COVID-19 Cybersecurity – Protect the Patient” program was initiated to protect against cyberthreats that could potentially disrupt COIVD-19 research, clinical trials and drug manufacturing operations. Regeneron’s investigational COVID-19 antibody cocktail thrust the company into the epicenter of a global pandemic. This heightened visibility increased hostile nation-state threats to Regeneron’s IT operations and employees were bombarded with COVID-19 social engineering attacks. Information security immediately pivoted to a multifaceted program to increase public-private collaboration on cyber threat intelligence, improve the cybersecurity posture to protect a newly remote workforce and secure the COVID-19 value chain, and strengthen our vendor engagements and technology supply chain.

Cyber_Exec_Protect – Executive Protection in Cyberspace
Executive Sponsor: Mark Leary, CISO
Project Team: Enoch Long (Cyber Operations Director), Diarmuid O’Sullivan (Cyber IR Manager), David Glosser (Threat & Vulnerability Manager), Keith Keimig (Security Monitoring Manager), Christopher Filor (Security Analyst), Henry Howland (Security Intern)
Location: Tarrytown, NY

"Cyber_Exec_Protect – Executive Protection in Cyberspace" was a burst project to protect our top-level senior executives’ digital persona. Previously, except for our CEO and his staff, Regeneron executives only enjoyed protective controls while on-premise, or connected through VPN, at the same level as any other employee. Due to Regeneron’s increased public visibility and media exposure, cybersecurity operations realized a new level of protection was required. Today, our top senior executives benefit from an integrated, comprehensive set of identity monitoring and protection, cyberspace monitoring and alerting, dedicated cyber incident response, and optional home protection unique to the industry.