Back to How We Help Clients
Impact Story

Recovering from a major cybersecurity attack

A major cyber attack shut down a bank’s online system for hours, leaving thousands of customers without access to their accounts.

As the blackout spread, senior executives rushed to understand and contain it. After service was restored later in the day, management breathed a sigh of relief. But despite recovering relatively quickly this time, they felt in the dark about the kinds of vulnerabilities they’d been exposed to, and they knew it could easily happen again.

We were asked to help diagnose and prioritize cybersecurity risks, and implement a cybersecurity program to protect the bank and its customers from future attacks.

In 12 weeks we built and implemented a new cybersecurity program

  • diagnosed current cyber capabilities and gaps using interviews, benchmarking data and software-enabled modeling
  • redesigned security protocols to match the level of risk in each process or asset
  • aligned senior stakeholders and business-unit leaders around the cybersecurity vision and implementation plan
  • worked with business and IT teams to put the new program into action, using workshops to test the new communication and decision-making approach

War game simulations revealed where clearer accountability and a standard set of actions would improve the bank’s response to future attacks


IT systems

assessed for vulnerabilities


systems prioritized

for extra protection



to build and launch the new cybersecurity plan

Examples of our work

How a steel plant in India tapped the value of data