ThreatCop Cyber Security Case Study: Finance Industry

Company Overview

The organization is a leading financial service provider that delivers process-centric, technology-based, and customer-oriented complete banking solutions to its customers across India. They approached Kratikal for improving their organizational security and reduce the overall cyber risk of their organization. They were conducting regular training sessions to protect their employees from cyber attacks, but the impact was not on the same scale.

Situation

The organization approached Kratikal for improving cyber resilience. They were not able to determine if their efforts in educating their employees about cyber awareness were as impactful as they had expected it to be. They did not have a well-defined mechanism for checking the vulnerability level of the employees and to measure the effciency of the training sessions. Kratikal’s niche expertise in combating corporate espionage cases and online crimes made us capable to fulfil their requirements.

Get in!

Here’s an opportunity for you to stand out from the crowd!

Join our weekly newsletter Cyber Times and become a part of our Cyber Resilient Community

Deployment

Our product was deployed in dierent departments of the organization under the 3-stage risk assessment cycle; the tool signicantly reduced the cyber risk of the organization during the period of 6 months.

1. Simulation 1.0

We imported the Active Directory (AD) of the organization into threatCop and sent phishing emails to all the employees. Two email templates were used. One of the templates offer Amazon gift card and the other one offers them lucrative deals through Flipkart gift card.

Simulation	Emails Send	Emails Opened	Link Clicked	Employees Hacked
Initial Simulation	2250	373	160	137
Final Simulation	2250	118	70	12

2. Knowledge Imparting

Based on the responses of the employees to the phishing emails, we sent customized learning-based modules to all the employees which included details on how to identify phishing emails, appropriate response strategies, and policies on how to report such incidents.

3. Assessment

This was a self-assessment of employees based on the learning-based modules shared with them. The assessment included a wide variety of questions ranging from identification to reporting of phishing emails.

Cyber Security Blogs

Notorious Ransomware Attacks by REvil in 2021

REvil (Ransomware Evil), also known as Sodinokibi, is an infamous private ransomware-as-a-service (RaaS) group held responsible for...

A CISO’s Guide to Security Awareness Training for Employees

Security is everyone’s responsibility and when it comes to an organization’s security, every member is responsible for ensuring...

How Attackers Hack Mobile Phones to Breach an Organization?

If you think that there is no way cyber criminals can hack your organization through mobile phones, think again. Whether your company has just ten employees...

All your security requirements under one roof.

Let us help you in securing your organization through our proactive, active and reactive cyber security solutions.

ThreatCop

KDMARC

Threat Alert Button

KPMonitor

Application Security Testing

Network Security Testing

Cloud Penetration Testing

IOT Security Testing

Secure code Review

Medical Device Security Testing

ISO/IEC 27001

SOC2

GDPR

PCI DSS

SAR

SEBI Cybersecurity Framework

UIDAI Compliance Security Audit

RBI guidelines for Payment Industry

RBI guidelines Security Audit for NBFC Sector

CERT-in Security Audit Certifications for Infrastructure

Financial Services

Payment Services

E-Commerce

Health Tech

Education

Security Awareness

Attack Vectors

Security Updates

Case Studies