This case study shows how Armour Cybersecurity designed and delivered a vulnerability management program as part of its broader cybersecurity services for a leading global watchmaker. Using a structured vulnerability management process and a risk-based vulnerability management approach, the client reduced critical exposures, improved remediation accountability, and strengthened enterprise-wide security operations.
Client Profile
A leading international watch manufacturer engaged Armour Cybersecurity to build a scalable vulnerability management program across its global environment. With manufacturing plants, distribution hubs, sales channels, and corporate systems spanning multiple countries, the organization needed a consistent vulnerability management process to identify assets, assess exposures, and protect business operations.
As the company expanded its digital footprint and interconnected IT ecosystem, it needed a risk-based vulnerability management model, supported by cybersecurity consulting, that could align cybersecurity activities with operational priorities, compliance expectations, and production continuity.
Challenge
The company needed a vulnerability management program that could go beyond basic scanning and support measurable risk reduction across factory, corporate, and multi-cloud environments. Operating at global scale exposed the organization to a fast-moving threat landscape and several persistent challenges:
- Governing an ever-growing asset estate across factory networks, on-premises, and multi-cloud environments.
- Detecting and remediating vulnerabilities quickly and in the right order of risk.
- Hitting internal security KPIs while aligning with NIST CSF and ISO 27001 controls.
- Providing executives with clear, actionable visibility into cyber risk.
- Minimizing exposure to issues that could disrupt production or erode customer trust.
The company needed more than ad-hoc scanning: it required continuous, data-driven vulnerability lifecycle management.
Our Approach
Armour Cybersecurity built a tailored vulnerability management program designed to improve asset visibility, support faster remediation, and enable risk-based vulnerability management across the client’s global operations. The program rests on five core pillars:
1) Asset Discovery & Classification
- Performed comprehensive discovery across corporate and manufacturing segments to enumerate live hosts, services, and the organization’s access control network.
- Classified assets by criticality, business function, and data sensitivity to drive prioritization.
- Federated inventory with the CMDB and scanning platform to ensure a single source of truth.
2) Vulnerability Scanning
- Deployed lightweight agents from leading technology providers for daily assessments and authenticated checks.
- Tuned scan profiles to cover OS, configuration baselines, and third-party software exposure.
- Scheduled factory and OT-adjacent scans during maintenance windows to avoid operational impact.
3) Risk-Based Prioritization
- Combined CVSS, vendor risk scoring, exploit intelligence, and asset criticality into contextual risk ratings.
- Delivered and maintained role-based dashboards highlighting aging items, SLA breaches, and top exposure themes for IT and Security.
4) Remediation & Verification
- Partnered with business platform owners to execute patches and secure configuration changes within change-control cycles.
- Verified closure via targeted re-scans and manual validation on safety- or revenue-critical systems.
- Escalated overdue critical items to the monthly security steering committee for decision and funding.
5) Executive Reporting & Continuous Improvement
- Published monthly risk posture reports with KPIs, trends, and remediation effectiveness.
- Captured recurring misconfigurations to update hardening baselines and golden images.
- Ran quarterly reviews to expand coverage, retire legacy tech, and optimize scan performance.
Engagement Outcomes
Significant Reduction in Critical Vulnerabilities
Achieved a more than 50% decrease in critical and high-risk findings within the first six months. The company’s risk-based vulnerability management strategy helped teams focus on the issues most likely to affect operations and security outcomes.
Improved Visibility & Accountability
Centralized, near real-time dashboards provided a single view across all business units and regions, with better visibility into asset coverage, open findings, and remediation timelines. By standardizing the vulnerability management process, the client gained clearer ownership of remediation actions across business units and regions.
Executives received concise, outcome-oriented metrics to guide risk decisions and investments.
Operational Efficiency
Aligned remediation with patch and maintenance windows and change-control practices, avoiding production downtime and improving coordination between security and operational teams.
Reduced repeat findings through root-cause analysis and preventive controls.
Security Maturity Advancement
Embedded vulnerability management into enterprise risk and compliance processes. The organization’s vulnerability management process became more measurable, repeatable, and aligned to enterprise risk objectives, and risk-based prioritization improved in quality.
Demonstrated strong alignment with ISO 27001 and the NIST Cybersecurity Framework.
Conclusion & Business Impact
By moving from reactive scanning to a structured vulnerability management program, the organization measurably reduced exposure without disrupting business operations. Armour Cybersecurity established a scalable vulnerability management process that improved visibility, accelerated remediation, and supported stronger cross-functional accountability.
Most importantly, the engagement helped the client adopt a risk-based vulnerability management model that tied technical remediation efforts to business impact. The result was a more resilient security posture, better decision-making, and a repeatable path for continuous improvement.



