<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1615816415302394&amp;ev=PageView&amp;noscript=1">

CASE STUDY
CYBER INCIDENT MANAGEMENT

Learn how we helped this organization with cyber incident management.

KEY PLAYER(S)

COO and General Counsel

BUSINESS ISSUE

SVA partnered with the COO and General Counsel of an organization that needed to contain damage from a cyber incident by protecting their business and their client’s business.

The business had moved from bootstrapping to hyper growth to becoming one of the leading firms in its industry. During rapid growth, they implemented Cloud technologies and Software As A Service to enable agile cost effective growth. However, they underinvested in IT infrastructure and cyber security controls, and the controls they did have were understaffed and undertrained. Unfortunately, the company encountered a phishing situation that aimed to trick users into giving up passwords and to put mechanisms in place to control email. In addition, the organization’s Accounts Payable was tricked into making wire transfer requests for just under $200,000.

Their goal was to restore trust internally and externally by communicating facts around the incident and by introducing and implementing preventive measures.

business issue icon
sva process icon

THE SVA PROCESS

SVA worked alongside the COO and General Counsel (GC) to identify facts around the incident, initiate a forensic timeline and to classify the actual business impact. We developed a communication plan to customers with the goal of mitigating inaccurate information and to defend the company’s reputation. All communications were routed through GC and all information was established as attorney/client privileged. Measures were taken to protect staff members who were primary targets, and they were offered counseling support. After performing root cause analysis and recovery of funds, the engagement wrapped up with lessons learned including education of staff and the initiation of a preventive cybersecurity program.​

BUSINESS OUTCOME

SVA produced an incident containment report so the company’s senior management team could proactively communicate remediation status and preventive measures to key stakeholders including employees, customers, investors, law enforcement, and insurance.

Theft exposure was reduced and 66% of the money stolen was recovered. Of customers surveyed, 92% recognized the maturity of the organization, and many leveraged lessons learned to strengthen their own cybersecurity programs. Employee education and awareness was fully implemented with new cybersecurity controls and awareness training. In addition, time to identify an attack went from weeks to minutes and the response time from months to minutes in subsequent phishing attacks.

business outcome icon

MORE SVA LIFE SCIENCES CASE STUDIES

Competitive Market Surveillance

COMPETITIVE MARKET SURVEILLANCE

Financial Systems Upgrade

FINANCIAL SYSTEMS UPGRADE

Sales Representative Credentialing

SALES REPRESENTATIVE CREDENTIALING

It starts with a simple conversation.

COMPANIES WE PROVIDED WITH Measurable Results.®