GLOBAL FINANCE, INC. (GFI)

Global Finance, Inc. (GFI) is a financial
company that manages thousands of accounts across Canada, the United
States, and Mexico. A public company traded on the NYSE, GFI specializes
in financial management, loan application approval, wholesale loan
processing, and investment of money management for their customers.
GFI
employs over 1,600 employees and has been experiencing consistent
growth keeping pace with S&P averages (approximately 8%) for nearly
six years. A well-honed management strategy built on scaling operational
performance through automation and technological innovation has
propelled the company into the big leagues; GFI was only recently
profiled in Fortune Magazine.
BACKGROUND AND YOUR ROLE
You are the
Computer Security Manager educated, trained, and hired to protect the
physical and operational security of GFI’s corporate information system.
You
were hired by COO Mike Willy and currently report to the COO. You are
responsible for a $5.25m annual budget, a staff of 11, and a sprawling
and expansive data center located on the 5th floor of the corporate
tower. This position is the pinnacle of your career – you are counting
on your performance here to pave the way into a more strategic
leadership position in IT, filling a vacancy that you feel is so
significantly lacking from the executive team.
There is actually a
reason for this. CEO ***** ***** believes that the IT problem is a known
quantity – that is, she feels the IT function can be nearly entirely
outsourced at fractions of the cost associated with creating and
maintaining an established internal IT department; the CEO’s strategy
has been to prevent IT from becoming a core competency since so many
services can be obtained from 3rd parties. Since the CEO has taken the
reigns two years ago, the CEO has made significant headway in cutting
your department’s budget by 30% and reducing half of your staff through
outsourcing. This has been a political fight for you: maintaining and
reinforcing the relevance of an internal IT department is a constant
struggle. COO Willy’s act of hiring you was, in fact, an act of
desperation: the increasing operational dependence on technology
combined with a diminishing IT footprint gravely concerned Jacobson, and
he begged to at least bring in a manager to whom these obligations
could be delegated to. Jacobson’s worst nightmare is a situation where
the Confidentiality, Integrity, and Availability of the information
system was compromised – bringing the company to its knees – then having
to rely on vendors to pull him out of the mess.
GFI has experienced
several cyber-attacks from outsiders over the past a few years. In 2012,
the Oracle database server was attacked and its customer database lost
its confidentiality, integrity, and availability for several days.
Although the company restored the Oracle database server back online,
its lost confidentiality damaged the company reputations. GFI ended up
paying its customers a large sum of settlement for their loss of data
confidentiality. Another security attack was carried out by a malicious
virus that infected the entire network for several days. While infected
the Oracle and e-mail servers had to be shut down to quarantine these
servers. In the meantime, the company lost $1.700, 000 in revenue and
intangible customer confidence.
There’s no question that the
company’s CEO sees the strategic importance of technology in executing
her business plan, and in this way you share a common basis of principle
with her: that IT is a competitive differentiator. However, you believe
that diminishing internal IT services risks security and strategic
capability, whereas the CEO feels she can acquire that capability
immediately and on the cheap through the open market. You’re told that
CEO Thompson reluctantly agreed to your position if only to pacify COO
Willy’s concerns.
Powered by