COO and General Counsel
SVA partnered with the COO and General Counsel of an organization that needed to contain the damage from a cyber incident and protect both its own business and its clients' businesses.
The business had moved from bootstrapping to hyper growth to becoming one of the leading firms in its industry. During that rapid growth it adopted cloud technologies and Software as a Service to enable agile, cost-effective expansion. However, it underinvested in IT infrastructure and cybersecurity controls, and the staff responsible for the controls it did have were too few and undertrained. The company was then hit by a phishing campaign designed to trick users into giving up their passwords and, with the resulting mailbox access, to put mechanisms in place that let the attackers control email. In addition, the organization's Accounts Payable team was tricked into initiating fraudulent wire transfers totaling just under $200,000.
Their goal was to restore trust internally and externally by communicating facts around the incident and by introducing and implementing preventive measures.
SVA worked alongside the COO and General Counsel (GC) to establish the facts of the incident, build a forensic timeline, and classify the actual business impact. We developed a customer communication plan aimed at countering inaccurate information and defending the company's reputation. All communications were routed through the GC so that the investigation's work product was protected by attorney-client privilege. Measures were taken to protect the staff members who had been the primary targets, and they were offered counseling support. After root cause analysis and the recovery of funds, the engagement wrapped up with a lessons-learned review, including staff education and the launch of a preventive cybersecurity program.
SVA produced an incident containment report so the company’s senior management team could proactively communicate remediation status and preventive measures to key stakeholders including employees, customers, investors, law enforcement, and insurance.
Theft exposure was reduced and 66% of the stolen money was recovered. Of customers surveyed, 92% recognized the maturity of the organization's response, and many applied the lessons learned to strengthen their own cybersecurity programs. New cybersecurity controls and an employee awareness training program were fully implemented. In subsequent phishing attacks, the time to identify an attack fell from weeks to minutes, and the time to respond fell from months to minutes.