For a century, R.J. O’Brien (RJO) has been a leader in the futures industry through its innovative technology, unparalleled client service, and intuitive market insights. This focus on client service includes a commitment to customer privacy and security. Due to this customer commitment and in anticipation of future Commodity Futures Trading Commission (CFTC) requirements, the firm wanted to be prepared for the likely effort and expenditures associated with such requirements. Given the security measures implemented across all facets of people, processes, and technology, RJO believed it was prudent to review security alongside its planned infrastructure upgrade.
The firm sought assistance with assessing required infrastructure and organizational changes necessary to:
Extensive security experience
Through more than a decade of helping RJO address a variety of business needs, West Monroe Partners developed extensive knowledge of RJO’s systems, processes, and resources—enabling the firm remain at the forefront of its industry.
In addition, West Monroe Partners demonstrated a strong track record for assessing and implementing cybersecurity and IT security enhancements at other organizations.
A road map for meeting security goals
West Monroe Partners collaborated with RJO to plan for and prioritize future security and infrastructure investments—with the goal of creating a holistic road map for improving reliability, security, and scalability of RJO’s core capabilities while minimizing impact on its day-today operations.
West Monroe Partners and RJO modeled the existing infrastructure—from network and processes to data
flows of core business applications. Then, the team examined these key areas:
Using this approach, West Monroe Partners identified several key enhancements that would enable RJO to improve security and network reliability, while providing operational visibility into vital statistics around the effectiveness of the implemented controls.
Finally, West Monroe Partners helped RJO create a detailed road map for implementing future improvements and reducing cybersecurity risks, including detailed costs and time lines and recommended mitigation windows.