Cyber Incident Response
CYBER Incident Response
When one of the world’s largest financial services companies suffered a network compromise that resulted in the theft of vast stores of proprietary information, they came to GRA. We assessed the client’s IT structure, found the breach, and helped institutionalize sophisticated network security protocols to ensure it wouldn’t happen again.
One of the world’s largest global financial services corporations suffered a network compromise that resulted in the theft of vast stores of proprietary information. This included millions of customers’ account details, bank balances, and access codes.
The client needed a thorough assessment of the causes of the breakdown and assurance that it wouldn’t happen again. They hired GRA to evaluate the network breach and to provide recommendations on how to institutionalize a sophisticated threat-protection protocol. GRA conducted extensive internal interviews in the United States and in multiple European and Asian countries. We questioned the chief security officer, chief technical officer, worldwide technical staff, as well as employees in compliance, security, sales, and marketing. GRA also reviewed the company’s IT structure to identify where the breach had occurred. From here we ascertained the causes of the breach and determined how many millions of data points had been stolen.
GRA also vetted industry-leading software security providers, including Nitro Security, McAfee, Splunk, Fidelis XPS, and RSA. The providers pitched the client new solutions for an advanced network security system. We substantively evaluated each presentation, reviewed proposals, provided expert advice, and helped negotiate prices.
Based on GRA’s recommendations, the client implemented an advanced network security system, including a Security Operations Center, an enhanced security staff, a robust 24/7 monitoring system, and hardened offshore networks. GRA negotiated a reduction of 32% in start-up costs for the new system. The company’s technology and security leaders also institutionalized standard operating procedures that GRA devised.