Case Study

BigPanda Aligns Business Objectives on Next-Gen Cyber Journey

May 31, 2023
Resources New Videos Coalfire Case Study Big Panda 814x460 FINAL

BigPanda's Incident Intelligence and Automation platform is trusted by enterprise infrastructure and operations managers for contextualizing and mobilizing DevOps and ITOps data. Their AIOps technology streamlines operational workflows, providing real-time visibility and rapid response to disruptions and outages in the cloud.

Watch the case study video
 

Big brands are adopting AIOps technology to address operational resilience challenges, such as cyber risk and downtime. Gartner predicts that by 2025, 70% of organizations will implement continuous infrastructure automation to enhance business agility, a significant increase from the current 20%.

The AIOps market is estimated to be worth $1.5 billion, with a projected 15% growth rate through 2025. Gartner emphasizes the indispensability of AIOps in the future of IT operations due to the exponential growth of data volumes and the need for faster insights beyond human capabilities.

CHALLENGE

BigPanda found itself in the same position as many companies in the post-pandemic, multi-cloud era of remote workers and dispersed operations. With the continuing displacement of network perimeters and the rise of hybrid, hyperscale cloud computing, BigPanda saw the need to recalibrate risk and resources with today’s rising threat levels and tightening budgets.

In leveraging the biggest go-to-market opportunity in the company’s history, BigPanda couldn’t afford to make short-term tactical errors or long-term strategic missteps with its cybersecurity and compliance efforts. Affirming customer trust was fundamental to the company’s ability to differentiate itself in the market.

Management’s next steps would be mission-critical to the company’s cybersecurity and compliance journey, essential to the future of the business.

APPROACH

Diversity of viewpoints and continuous engagement across all phases of the product lifecycle are fundamental to BigPanda’s philosophy. The company’s collective team approach keeps initiatives in sync and helps eliminate knowledge silos and single points of failure.

To optimize cybersecurity and manage risk across the BigPanda platform, the company chose to work with Coalfire with the objective of managing cybersecurity and operational risk. Coalfire and BigPanda teams collaborated on the following initiatives:

  • Business Continuity Plan
  • Business Impact Analysis
  • IT Management Policy and Standards
  • Incident Response Plan and related incident response Playbooks

 

I'm responsible for all aspects of security from development to production. Our focus is to recalibrate our program by making the right decisions and avoiding the one-way doors that inhibit growth and maturity. There are high expectations, we have limited resources, and we can’t do it all ourselves. We needed a specialist that could add immediate value by supporting our aspirations to drive the security program to the next level and we found that value with Coalfire.

Anthony Figueroa, Director of Information Security, BigPanda

Coalfire jumped in to help align the cybersecurity program to business objectives. The partnership leaned on Coalfire’s best-practice insights from its team of former cybersecurity and IT operations leaders, Coalfire’s knowledge of NIST standards, and direct experience in avoiding pitfalls common to cloud-driven AI environments.

Cybersecurity risk management was the through-line that touched all areas of BigPanda’s maturing security posture. Coalfire laid the groundwork for scalable cybersecurity and risk management operations that focused on threat reduction via the prioritization of vulnerability mitigation and security improvement efforts. Plans were implemented that emphasized a restructured risk register, improved risk factor definition, and a solid tooling foundation.

Ultimately, this scope of work represented the company’s next-gen roadmap for improving risk management in concert with its future growth plans.

RESULTS

BigPanda found a compelling, custom fit with Coalfire. Project outcomes hit the mark on all critical building blocks of the company’s cybersecurity program.

Key aspects of enterprise risk management were moved from point-in-time monitoring to continuous, real-time engagement. Security made a big shift left in the agile lifecycle, and improved guardrails were established for all code development. Seamless integration was achieved, in part, by establishing an AppSec Champions program to drive awareness and cross-team collaboration.

“Risk can’t be eliminated, so risks were strategically prioritized in the plan,” said Michael Eisenberg, vice president of strategy, privacy, risk at Coalfire. “BigPanda resourced its security program and optimized incident response with state-of-the-art plans, policies, and playbooks.”

Coalfire was instrumental in helping us bring clarity and focus. They enabled us to understand, execute, and measure success.

Anthony Figueroa

For Figueroa and his team, improvements were more qualitative than quantitative:

  • Improved risk management capabilities to drive both security and business priorities.
  • Improved Business Impact Analysis engagement model and more concise and comprehensive definitions of critical systems.
  • Clearly defined Incident Management Process outlining responsibilities, Incident Runbooks, and communications plans to maximize incident response performance and minimize delays.
  • Continuous oversight and increased ability to identify areas of improvement while maintaining alignment with business objectives.

Coalfire’s ability to counsel and work with BigPanda’s cybersecurity initiatives provided the necessary lift in an environment scarce of cyber talent and resources. Through this partnership, the BigPanda security team met corporate expectations with flying colors – and undeterred against decreasing budgets.

Coalfire understood our risk management vision and worked diligently to capture all of our requirements. This enabled them to deliver a risk framework that was fully aligned with our operating model to support BigPanda's company goals and objectives.

Anthony Figueroa