Business Analysis in Cyber Security

An INDEX Consultant has been engaged as a Business Analyst within a Federal Government Cyber Security program since the start of 2018. One of the key projects our Consultant contributed to was the support and implementation of an automated application security capability. The Consultant worked in collaboration with key stakeholders to define the vision, outcomes and the implementation approach.

The Consultant developed a clear vision of the future state and implementation approach by working with relevant stakeholders. This allowed the project to fulfil its purpose with the executive support provided. Having utilised a series of co-design workshops, the Consultant was able to align all relevant stakeholder requirements in a collaborative format.

Our Consultant undertook a systematic approach to leading an agile team through a proof of value and product pilot. The lessons learned were then incorporated into the next iteration of the future operating model. The team then worked alongside the Application Security and Product Management teams to develop a prioritisation framework. This framework was utilised to guide activities and establish a backlog refinement process. Using this approach, our Consultant was able to design a service that was responsive to the Department’s ever-changing needs.

The key outcome and achievement for this project was the implementation of an automated security testing application. With the ability to be developer-initiated, security testing can now be conducted earlier in the software development lifecycle. This, in turn, allowed for a faster, more responsive, developer-friendly testing capability.

INDEX Consultants has a rich history of leading transformational activities such as developing security applications, processes and products.