William Hill InfoSec team scoop up best Security Team at the SC Awards Europe 2020!

The judges praised the team for “A great improvement programme that works directly with end-users to build both strategy and culture, this team leads from the front and invests in the training of the security staff to keep them ahead of the game”. The judges summed up with the following comments “ William Hill’s security team shows itself to be an innovator, implementer of best practice, and having a security approach that covers the key areas of people, process and technology". This team is clearly dedicated to their task, with a clear vision, insight and innovation – exactly what businesses need.”

How have the team put security on the map?

The team have adopted a hearts and mind philosophy, structuring around a ‘Managed Security Services’ operating model, establishing divisional Head of InfoSec roles who have ownership of security within WH’s divisions, allowing the security team to support these divisions, delivering on their objectives, while enabling a feedback loop to improve security. This has allowed each channel to benefit from having security front and centre in all decision making and allowed the security team member to build business awareness of the channel, bridging the gaps and most importantly establishing trust with the business channel leaders.

So what have the team deliver?

The examples of best practice include the adoption of ISO27001 delivering business enablement through compliance in areas where security is required for regulatory or licencing approval. A SOAR programme brought together business control and sensor data to build a real-time image of potential threats, with auto-response when appropriate. This included the Anti-DDoS Platform presented as part of the AWS ‘This is my Architecture’ series. Annual 40-minute awareness training was replaced by 12x3-minute monthly training sessions and end-user tools such as LastPass and integrated Report Phishing buttons which have raised awareness and improved the security culture.

Killian Faughnan, William Hill's Chief Information Security Officer said of the win:

We were up against some bit hitters the combination of innovation, best practice and a growing security culture gave us the edge and is testament to the hard work of the team. I couldn’t be prouder!

Well done to all InfoSec colleagues! Curious what kind of challenges are waiting for you by joining Krakow InfoSec? Check it out here!