Who is the organisation and what’s its context?
The organisation is a worldwide pioneer in the aerospace industry, operating in the commercial aircraft, helicopters, defence and space sectors. They design, manufacture and deliver aerospace products, services and solutions to customers on a worldwide scale, and employ more than 195 000 employees around the globe, across 455 sites. The Covid-19 pandemic increased the usage of remote workers who access sensitive data, user rights, identity management and software to be handled on a daily basis. The Aircraft division decided to initiate a zero-trust approach assessment to anticipate the new shape of the threat landscape.
What needs did the organisation face at the time?
The challenge, driven by their way of working (SaaS applications, remote workers, etc.), combined with a decentralised IS (CSP) and the acceleration of DevOps, brought to light the sensitivity of data, highly critical and subject to numerous cyber-attacks, which had to be protected. It became necessary to rethink how to secure data accessibility, with consistency, in line with new uses. As part of its new strategic plan, the Group’s management decided to adopt the zero-trust philosophy and paradigm, starting with governance processes and user workflows, from user to data.
What was the turning point where the organisation had no choice but to adapt its strategy?
After Covid-19, and given the number of cyber-attacks targeting employees and partners, the decentralised IT infrastructure and the accelerating shift to the cloud, the organisation decided to implement a new, innovative and pragmatic methodology, without outright technological revolution.
Which factors played an important role in the decision?
Bringing together all IT architects for the first time in the Group’s history, in order to have an optimal, global strategy, the decisive points of the project were as follows:
- Shift cyber paradigm from initiative to program Translate ZT concepts to iterative program
- Synchronise all IT stakeholders • Break down IT silos to achieve global coherence and build a zero-trust architecture
- Reduce risk for the most critical applications
- Levraging component to ZT features & capabilities
- Support IT PSL (product service line) organisation
- Ensure a balance between security and user-friendliness for 195,000 employees
The better change
What were the immediate benefits for the organisation and its employees?
Global standardisation of processes: identity, data, network, application, device/endpoint
Growing maturity of infrastructure applications when faced with ransomware
Rationalisation of cyber solutions • Optimisation security process and governance
14 PSL workshops to enhance architects’ skills
Multi-year strategy roadmap
From theoretical initiative to pragmatic implementation programme.
Head of Cybersecurity for Network and End Points at the organisation and Executive Sponsor of the Zero-Trust Programme
Your Success Starts Here
Partner with Devoteam to leverage award-winning tech expertise, agile execution, and a culture of continuous learning.