Nevertheless, this was a request from a Senior Leader, so we went ahead with our ‘Discovery’ phase, started to understand more about the organization and issues they were facing. We interviewed their teams, understood their technology initiatives, overall architecture and in particular their investments on the cyber security front. As we progressed, we started making few interesting observations - they had the best industry standard security tools & technology & a robust organization structure that was in place. From our experience, not many organizations have these kinds of toolsets, some of these are the best ones available today. So, where were they going wrong, where were the gaps? Was it a wrong choice of technology, or an implementation that went south or a lack of usage of these?