Security & Governance Practice
Under the umbrella of Security and Governance Practice (SGP), CTP has
assembled a talented team of security professionals who are fully dedicated to
the following mission:
• To be the #1 cloud security organization in the world
• To provide world-class security & GRC services to our clients
• To enable and guide our clients on a journey to secure public cloud
operations
Our SGP resources have a breadth of experience, talent and certifications in
everything from IT Governance and Audit (CISA, CISM, CGEIT) to security
(CISSP, CCSP, Ethical Hacking). This also includes every AWS certification to
ensure we can cover applicable technical areas. SGP has two primary areas of
focus: Advisory Services and Implementation Services. The primary objectives
for each are listed below:
Advisory Services
• Educate clients on public cloud security
• Remove any roadblocks for migration to public cloud
• Obtain buy-in from security & GRC resources for application migration
to cloud
Implementation Services
• Help accelerate adoption of public cloud services in a secure manner
• Provide value by bringing expertise gained from numerous other clients
• Provide assurance to clients that cloud security best practices are used
To help us and our clients achieve the objectives above, we provide the follow-
ing services:
Security Assessment
This is a 4 to 10 week engagement based on client size, complexity, and regula-
tory requirements. When completed, this engagement provides a holistic view
of our client’s cloud security model in AWS for both non-production and pro-
duction environments and assesses any gaps in the client’s cloud security
model implementation. This work is instrumental to our client’s ability to
establish a secure cloud foundation for the future and can help address various
legal and regulatory needs.
Minimum Viable Cloud (MVC)
This is a 6 to 12 week engagement that encompasses an iterative process of
building a cloud platform that includes security, operations, automation,
resource management, cost control, compliance, tooling, and account struc-
tures. This process represents the shortest path to value with early and con-
stant wins, the goal of which is to prove viability. We have honed and meticu-
16 | THE DOPPLER | FALL 2017