Security Audits
Customer: Gallagher
Industry: Security & Investigations
Services: Security Testing & Assurance
Challenges
- Delivering security solutions to market that are secured by design
- Ensuring internal cyber knowledge can address the expanding threat landscape
- Enhancing internal IT systems’ cyber resiliency to attacks
Outcome
- Reassurance that Gallagher security product lines are rigorously tested before market release
- Uplifted skills and knowledge of in-house security team
- Improved cyber resilience for IT systems, solutions, and technologies
Gallagher
Gallagher is a technology leader and manufacturer of integrated access control, intruder alarm, and perimeter security solutions that revolutionise the way organisations around the world protect, secure, and manage their people and assets.
The challenge
Gallagher’s security solutions are used within the highest levels of national and local government, military, commercial, industrial, healthcare, transportation, academic organisations, and small businesses in more than 130 countries.
With the global concern of rising cyber security threats, it’s important to Gallagher that they provide a high level of cyber security protection within their security and business risk management solutions. To build on the expertise of their in-house teams, they required external independence in their cyber security validation process to review all new software features, systems and subsystems, prior to full market release.
Furthermore, Gallagher needed to assure their own IT systems were secured to the highest level of protection from possible cyber incidents.
The solution
In meeting these challenges, Gallagher established their own in-house security team who regularly conduct security testing across product and software releases, and engaged CyberCX to be their independent expert eyes, to add an extra layer of assurance and confidence.
Having this third-party external review provided reassurance that Gallagher’s internal security and development teams were always delivering results to a high standard. This also helped reinforce the quality and capability of the internal Gallagher team and the on-going maturity of their solution.
Output from CyberCX reports were consistently fed back to the wider Gallagher development team and supported with:
Addressing
any reported vulnerabilities
Enhancing their build and test
processes to reduce the likelihood of similar issues occurring in the future, leading to a reduction in exposure to vulnerabilities and an overall improvement of the quality of code within their solution
Gallagher’s biannual engagements with CyberCX have become:
Part of their
routine procedures for product development teams
Standard practice
for all new significant developments, which undergo an audit before release to customer sites
These factors form part of the robust security of Gallagher’s solutions, and also allows their team to learn continuously through the process.
The outcome
Gallagher exercises the utmost care to ensure their security solutions provide the highest level of protection and cyber security for critical sites such as government and federal infrastructure, data centres, banks, and global enterprises.
In partnering with CyberCX,
Gallagher is assured that their customers have access to world-class, secure by design security systems which have undergone substantial auditing to prevent and mitigate against cyber threats.
By working closely with CyberCX,
now a trusted partner through long-term engagements, Gallagher can mitigate the risk and potential harm of cyberattacks and provide robust protection for their customers.
“Cyber security testing is somewhat of an art and depends significantly on the knowledge and experience of the auditing team who look for weaknesses and utilise penetration testing tools. We have huge respect for the team at CyberCX and that has been proven in the vulnerabilities that they have found during their audits.”
Steve Bell
Chief Technology Officer, Gallagher
