R.J. O'Brien Security Implementation: A Case Study
WMP helps leading futures brokerage and clearing firm modernize its security organization and infrastructure
Date : August 22, 2014

A leading futures brokerage and clearing firm modernizes its security organization and infrastructure to meet evolving industry and regulatory requirements.

Taking a proactive stance toward evolving security regulations
Through a security-planning exercise, R.J. O’Brien (RJO) identified a number of updates to its processes and technology. These included software development items, organizational policies, and initiatives that would improve management visibility of RJO’s overall security posture. At the same time, RJO’s network infrastructure was beginning to age, and the firm was ready to invest to improve reliability, maintainability, and security of the equipment and network. The firm sought assistance with:

  • Preparing for compliance with forthcoming regulatory guidelines by utilizing industry standards and best practices—including NIST 800-53, NIST 800-30, and ISO 27xxx series
  • Improving network and systems reliability, maintenance, and security
  • Increasing customer data security

Business insight, cybersecurity expertise
Through more than a decade of helping RJO address a variety of business needs, West Monroe Partners developed extensive knowledge of RJO’s systems, processes, and resources—enabling the firm remain at the forefront of its industry.

In addition, West Monroe Partners demonstrated a strong track record for assessing and implementing cybersecurity and IT security enhancements at other organizations.

Well prepared—before issuance of new guidelines
Considering both RJO’s aging infrastructure and its need to remain compliant with evolving regulatory requirements, West Monroe Partners and RJO chose a path that included a considerable technology investment and a change in network architecture. This approach allowed RJO to create a secure parallel network and migrate services, applications, and customers while maintaining system availability and data integrity.

To address security goals, the team examined RJO’s existing software development and server segmentation approaches. This included a methodical, risk-prioritized analysis of primary customer- and Internet-facing applications, in accordance with SDL principles. Through this analysis, RJO identified and incorporated security enhancements into tis future development process and release milestones.

By combining new and refreshed corporate policies with an approach for implementing organizational changes that establishes accountability for the overall security program, West Monroe Partners and RJO cultivated a culture of enhanced security awareness. This awareness, coupled with the technological upgrades, ensured that RJO was well-prepared in advance of new US Commodity Futures Trading Commission cybersecurity guidelines issued in early 2014.

West Monroe Insights
Non-Revenue Water (NRW): Challenges & Solutions
View More
Related Insights
Josh Holmes and Paul Cotter will speak at PCI Security Standards Council on how to establish a secure training program
Date : September 13, 2017 Time : 02:55 PM EST

Join West Monroe as we discuss how going beyond a well-established security development training program can reduce the risk of a breach and provide direct business value.

Location:
Orlando, Florida
Improve the performance of your management teams to drive sales, increase customer experience, and reduce operating costs.
Date : July 13, 2017
Robotic Process Automation for Financial Services Institutions
Date : July 12, 2017
Integrate human and digital workforces for peak productivity and performance.