quora ThreatCop Cyber Security Case Study: Finance Industry

Home / Financial Industry

INDUSTRY

  • Banking

ENVIRONMENT

  • 6000+ Employees
  • $331 million Revenue

Company Overview

The organization is a leading financial service provider that delivers process-centric, technology-based, and customer-oriented complete banking solutions to its customers across India. They approached Kratikal for improving their organizational security and reduce the overall cyber risk of their organization. They were conducting regular training sessions to protect their employees from cyber attacks, but the impact was not on the same scale.

Situation

The organization approached Kratikal for improving cyber resilience. They were not able to determine if their efforts in educating their employees about cyber awareness were as impactful as they had expected it to be. They did not have a well-defined mechanism for checking the vulnerability level of the employees and to measure the effciency of the training sessions. Kratikal’s niche expertise in combating corporate espionage cases and online crimes made us capable to fulfil their requirements.

Get in!

Here’s an opportunity for you to stand out from the crowd!

Join our weekly newsletter Cyber Times and become a part of our Cyber Resilient Community

Deployment

Our product was deployed in dierent departments of the organization under the 3-stage risk assessment cycle; the tool signicantly reduced the cyber risk of the organization during the period of 6 months.

    1. Simulation 1.0

    We imported the Active Directory (AD) of the organization into threatCop and sent phishing emails to all the employees. Two email templates were used. One of the templates offer Amazon gift card and the other one offers them lucrative deals through Flipkart gift card.

    Simulation Emails Send Emails Opened Link Clicked Employees Hacked
    Initial Simulation 2250 373 160 137
    Final Simulation 2250 118 70 12

    2. Knowledge Imparting

    Based on the responses of the employees to the phishing emails, we sent customized learning-based modules to all the employees which included details on how to identify phishing emails, appropriate response strategies, and policies on how to report such incidents.

    3. Assessment

    This was a self-assessment of employees based on the learning-based modules shared with them. The assessment included a wide variety of questions ranging from identification to reporting of phishing emails.

Cyber Security Blogs

Cyber Security Blogs

Notorious Ransomware Attacks by REvil in 2021

REvil (Ransomware Evil), also known as Sodinokibi, is an infamous private ransomware-as-a-service (RaaS) group held responsible for...

Cyber Security Blogs

A CISO’s Guide to Security Awareness Training for Employees

Security is everyone’s responsibility and when it comes to an organization’s security, every member is responsible for ensuring...

Cyber Security Blogs

How Attackers Hack Mobile Phones to Breach an Organization?

If you think that there is no way cyber criminals can hack your organization through mobile phones, think again. Whether your company has just ten employees...