Lenovo Looks to IriusRisk to Enhance its Security Strategy & Practices for Future Growth

Download full case study

Company Background

Lenovo is a Fortune Global 500 technology organization with $62 billion in revenue with 77,000 employees. Lenovo was facing challenges with their previous threat modeling tool and looked to IriusRisk to improve the threat modeling strategy and processes.

Challenges

  • Their previously implemented threat modeling tool lacked stability and reliability that led to issues in production environments. 
  • Critical features lacking, such as versioning, which forced teams to redo threat models from scratch for each new product release. 
  • The absence of a comprehensive questionnaire feature also hindered the ability to implement a hybrid threat modeling approach efficiently.

Solution

Lenovo decided to explore alternative threat modeling solutions. After additional research, they selected IriusRisk due to its robust feature set and user-friendly interface. The key features that stood out included:

  • Enabled Lenovo to carry forward previous threat models into new product versions, saving significant time and effort.
  • Allowed Lenovo to implement a hybrid threat modeling approach, streamlining the process by consolidating common security questions across different review stages.
  • IriusRisk provided a stable and reliable platform, which was crucial for Lenovo's large-scale operations.

Benefits

  • The versioning feature has drastically reduced the time spent on creating threat models for product updates, allowing Lenovo to focus on innovation.
  • The integration of questionnaires has unified various security checks, minimizing redundant efforts across teams and speeding up the product review process.
  • With 200 teams currently using IriusRisk and plans to expand usage to over 1,000 users across various departments, Lenovo is well-positioned to scale its threat modeling efforts globally.
  • The technical support from IriusRisk’s account management team has been instrumental in Lenovo’s successful adoption of the platform, providing training and alternative solutions tailored to their needs.

The outcomes...

The versioning feature has drastically reduced the time spent on creating threat models for product updates, allowing Lenovo to focus on innovation.
The integration of questionnaires has unified various security checks, minimizing redundant efforts across teams and speeding up the product review process.
With 200 teams currently using IriusRisk and plans to expand usage to over 1,000 users across various departments, Lenovo is well-positioned to scale its threat modeling efforts globally.
Download full case study

“Making the change to IriusRisk has significantly improved our threat modeling process. The platform’s stability, combined with essential features like versioning and questionnaire integration, has enabled Lenovo to enhance security practices while preparing for future growth.”

Navneet Keshav

Senior Threat Modeling Architect, Lenovo