Back to How We Help Clients
Impact Story

Recovering from a major cybersecurity attack

A major cyber attack shut down a bank’s online system for hours, leaving thousands of customers without access to their accounts.

As the blackout spread, senior executives rushed to understand and contain it. After service was restored later in the day, management breathed a sigh of relief. But despite recovering relatively quickly this time, they felt in the dark about the kinds of vulnerabilities they’d been exposed to, and they knew it could easily happen again.

We were asked to help diagnose and prioritize cybersecurity risks, and implement a cybersecurity program to protect the bank and its customers from future attacks.

In 12 weeks we built and implemented a new cybersecurity program

  • diagnosed current cyber capabilities and gaps using interviews, benchmarking data and software-enabled modeling
  • redesigned security protocols to match the level of risk in each process or asset
  • aligned senior stakeholders and business-unit leaders around the cybersecurity vision and implementation plan
  • worked with business and IT teams to put the new program into action, using workshops to test the new communication and decision-making approach
cybersecurity

War game simulations revealed where clearer accountability and a standard set of actions would improve the bank’s response to future attacks

30

critical
IT systems

assessed for vulnerabilities

20

systems prioritized

for extra protection

12

weeks

to build and launch the new cybersecurity plan

Examples of our work

How a steel plant in India tapped the value of data