Like many organisations, our client was underinvested in Phishing defences and at risk due to outdated and unsupported Java software. Staff members are on the front-line with this type of attack, and so it is essential to have them alert at all times. The client was acutely aware that lack of attention in this area had led to unacceptable exposure, and so engaged us to help close the gap. This was done as part of a wider transformation programme.
We worked with our client to take them through a multi-step process:
- Requirements: We helped them to understand their requirements – defining exactly what they were striving to achieve;
- Scope and Budget: We worked with them to agree a suitable scope and realistic budget;
- Market analysis: we took the lead on doing a full market analysis, understanding the best options, and making a recommendation;
- Delivery: we supported the client through successful delivery, following through until the solution was fully functioning and ensuring they were delighted with the outcome.
At the end of this project, the client was the proud owner of an enterprise-level anti-phishing capability, tailored to meet their needs. It left them able to persistently train staff members, raising awareness of these types of attacks. It also gave them best-in-class intelligence on new and current threats, enabling them to detect and respond in a timely and comprehensive manner.
This is not a new risk, but the impact of a cyber-attack can vary dramatically, depending on how malicious the attack is and the speed with which it is identified and rectified by the target company.