AECOM and URS Corporations came together two years ago, doubling the company in size in an unprecedented acquisition in the architecture, engineering and construction industry. The enormous merger offered the information security team an opportunity to do things differently. Emily Heath, Global CISO at AECOM, shares how the team created their strategy based on the core competencies of a world class security organization, measured their baseline and developed a framework to plan their path to transformation. Heath also shares the results of having a clearly defined plan, and some key strategies she used in helping to get there.