Media and telecom giant reaches first-time audit milestone

• New security leadership lacked centralized visibility across security operations and compliance
• Complex compliance requirements demanded manual, error-prone processes
• Security and operations teams worked in silos, complicating data normalization
• Multiple regulations and unpredictable audits required continuous readiness

The company had made solid progress in cybersecurity and compliance by adopting various tools and following the NIST Cybersecurity Framework. But as they grew and compliance demands increased, the CISO team realized their approach wasn’t scalable. They needed a unified way to manage security and compliance risks across the business.

Their historically reactive strategy focused on high-risk areas, relying on manual processes from multiple disconnected systems. Despite the team’s efforts, existing tools couldn’t keep pace with growing complexity.

A major challenge was fragmented visibility, teams worked in silos with different data sources, making it hard to get a clear, consistent view of risk and slowing decision-making.

Manual processes, especially in Identity and Access Management (IDAM), were error-prone and resource-heavy, causing delays and increasing the risk of missing critical issues.

Faced with over 258 Telecommunications Security Act mandates and unpredictable audits, the team had to stay constantly prepared.

They needed a platform to automate and simplify these processes, strengthen security, protect sensitive data, and ensure compliance.

To drive adoption across global teams, Panaseer provided managed service collaboration, operating model guidance and support, and end-user training to quickly get up to speed.

Aligning security and compliance practices with the target operating model, Panaseer provided continuous control monitoring and expert guidance, helping the organization mature its compliance posture.

• Enabled IT teams to pass their first security audit with no findings by automating controls visibility and reporting
• Enhanced executive visibility with trusted data, improving performance reporting and audit readiness
• Reduced non-vaulted privileged accounts by 65%, strengthening identity and access controls
• Decommissioned 150 redundant servers monthly, optimizing infrastructure and reducing risk exposure

Panaseer delivered value quickly, with the pilot phase helping validate assets during an incident investigation. The rapid onboarding of 280,000 devices in eight months showcased Panaseer’s scalability and efficiency, making it essential for the organization’s security and compliance efforts.

Before Panaseer, the business services team, managing systems like Vulnerability Management (VM), Active Directory (AD), Identity and Access Management (IAM), Antivirus (AV), and Endpoint security (EDR), struggled to align security and compliance efforts with audit readiness.

After deploying Panaseer, IT teams achieved their first-ever successful security audit without any findings, leveraging automated Continuous Control Monitoring (CCM) dashboards.

This success not only demonstrated Panaseer’s immediate value but also encouraged continuous process improvement, ensuring teams stay “in the green” and always audit-ready.

Once Panaseer was deployed, providing a clear view of their cybersecurity controls performance, the team continued to build on the foundations of accurate data.

• Strengthened security operations by creating and using tailored dashboards on Panaseer, providing real-time visibility into security metrics and enabling proactive issue identification
• Improved cross-team collaboration, streamlining processes, and eliminating silos between control assurance, SecOps, and control owners.

The adoption of Panaseer spread rapidly across all levels of the security organization, overcoming initial concerns about the complexities of introducing a new tool, with more than 350 users operating across Europe.

The tool became the source of truth for security operations, breaking down silos and fostering collaboration between control assurance, SecOps, and control owners. Dashboards were integrated into daily workflows, enhancing data quality, vulnerability management, and audit compliance.

Panaseer’s strategic importance grew by supporting initiatives like cyber tool licensing and ServiceNow CMDB data quality, strengthening its role in the cybersecurity strategy. Its implementation empowered the controls assurance team to collaborate more effectively with SecOps and control owners, eliminating siloed processes and fostering a unified approach. As a result of this, Panaseer is now essential for weekly management meetings and providing transparency and actionable insights.

By automating insights and reporting, Panaseer streamlined regulatory compliance, shifting the organization from a reactive to a proactive security posture. As Panaseer’s global use expanded, it became crucial in managing cybersecurity risks, driving continuous improvement, and supporting the Cyber GRC strategy.