Envision | Explore | Discover

Recovering from a major cybersecurity attack
A major cyber attack shut down a bank’s online system for hours, leaving thousands of customers without access to their accounts.
As the blackout spread, senior executives rushed to understand and contain it. After service was restored later in the day, management breathed a sigh of relief. But despite recovering relatively quickly this time, they felt in the dark about the kinds of vulnerabilities they’d been exposed to, and they knew it could easily happen again. We were asked to help diagnose and prioritize cybersecurity risks, and implement a cybersecurity program to protect the bank and its customers from future attacks.
In 12 weeks we built and implemented a new cybersecurity program
-
diagnosed current cyber capabilities and gaps using interviews, benchmarking data and software-enabled modeling
-
redesigned security protocols to match the level of risk in each process or asset
-
aligned senior stakeholders and business-unit leaders around the cybersecurity vision and implementation plan
-
worked with business and IT teams to put the new program into action, using workshops to test the new communication and decision-making approach

War game simulations revealed where clearer accountability and a standard set of actions would improve the bank’s response to future attacks
30
critical
IT systems
assessed for vulnerabilities
20
systems prioritized
for extra protection
12
weeks
identified for the roadmap
EXAMPLES OF OUR WORK

From empty warehouse to digital business

Recovering from a major cybersecurity attack
