.png)
Enterprise IT
Security Overview
Platform Security
01 / 06
Platform Security Overview
Commercial IT
EADI IT
Greater China IT
GF & Hyper Automation IT
Innovation & Digital IT
Integrated Supply Chain & Finance IT
Infrastructure Services IT
International Regions IT
Mergers, Acquisitions & Divestments IT
Services & Solutions IT
Vendor & Asset Management IT
0
Total Platforms
5K
Servers
0
Cloud Platforms
~1K
IT Applications
0
SD Lan Sites
0
Critical Suppliers
Define Security Baselines & Requirements
Conduct Service-Level Security Risk Assessments
Implement Secure Configuration Standards
Govern Critical Security Functions
Define & Monitor Security KPIs/KRIs
Implement Compliance Monitoring & Reporting
Manage Security Concessions & Deviations
Resolve Security Incident
Escalate & Resolve Security Incidents
Execute Vulnerability Management & Remediation
Deliver Security KPI Dashboards & Reporting
Define & Implement AI Security Controls
Security Review - SD LAN Use Cases, Firewall Requests
Regulatory Security Compliance Assessment
Security architecture reviews
02 / 06
Key Achievements
Legacy Systems Reduction
Reduced from 2327 to 1299 systems
0%
Vulnerability Reduction
Remediated from 164205 to 79737 systems
0%
NIS2 Compliance
13 Application Assessment completion
0%
Major Incident
No Major Incident
0%
Threat Intel Closure
46 cases of 106 took more than 30 days.
0%
Automation Coverage
Security testing automated
0%
Secure Go-Live
352 Releases with No critical/high vulnerabilities
0%
SD Lan Requests
Security Review - SD LAN Use Cases, Firewall Requests
~2000
03 / 06
Automation Initiatives
Operational EfficiencySecurity Testing
- CI/CD-integrated SAST/DAST pipelines implemented.
- Coverage expanded to 80% of applications.
- Enabled shift-left security validation on every code push.
Threat Management
- SOC Efficiency
- Attack Surface Reduction
- Real-Time Security Alerting
Exception Management
- Implemented automated approval workflows with built-in SLA tracking.
- Significantly reduced manual effort in the decision process.
- Accelerated overall risk acceptance turnaround times.
Logical Access Control
- Automated Identity Onboarding
- Hardened Access Policies
- Secure SFTP
Kaizen Programm
- 20+ continuous improvement initiatives across security operations.
- Delivered measurable process enhancements and workflow optimization.
- Achieved a 25% overall efficiency uplift in security operations.
Data Protection
- Encryption By Default
- Storage Integrity
Secure Foundation
- Hardened Infrastructure
- Zero-Gap Logging: Deployed Resilient
- Lifecycle Governance: Automating EOL
Security Dashboard
- Enhanced security dashboards with detailed reporting.
- Added consistent KPIs to track risk trends.
04 / 06
Roadmap for 2026
Strategic PlanningCloud
Security By Design- Security Guardrails for Self Managed Accounts
- Cloud Security Posture Management Operationalization
AI Security
AI and API Security- AI Inventory and AI Security Gateway
- API Inventory, Scan, Auditing, Auth & Authorization
DevSecOps
Testing Automation- Security Testing in CI/CD pipeline for all platforms
- Reduce dependency on testing partners
Automation
Security Management- Exception Management Rollout
- Security Assessments Migration to SMF Compliance Tool
- Automation in handling of Service Requests and security validation & approval
Regulatory
Compliance to NIS2 / DPDPA- Critical Applications Assessment under NIS2, Retrospective assessments, gaps remediation from past assessment
05 / 06
Potential Risks
[SYS_ALERT]Risk RegisterEvolving Threat Landscape
AI-driven and advanced persistent attacks increasing in sophistication and frequency.
High ImpactLegacy Systems
Unsupported technologies creating exploitable vulnerabilities across the estate.
High ImpactCloud Misconfigurations
Misconfigured cloud assets creating unintended data breach entry points.
High ImpactAny Any - Firewall Rules
Unrestricted access across segmentation and trust boundaries.
High ImpactDelayed Remediation
Extended exposure window increases potential blast radius of known vulnerabilities.
Medium ImpactAutomation Gaps
Manual processes creating operational inefficiencies and inconsistent security posture.
Medium Impact06 / 06