Skip to main content

Making an investment in a more secure future

Financial leader strengthens its cyber posture by transforming backup and recovery capabilities

The starting point

A single ransomware attack can bring a company’s essential services to a grinding halt, freezing apps, systems, data, and operations until the organization agrees to pay the attacker or finds another way to break free from the attack. Even in the best-case scenarios, such an attack can destroy or compromise business-critical data, leaving the target organization damaged even after surviving a ransomware event.

As these attacks become more sophisticated, their impact also becomes greater, and organizations remain ill-prepared. For one of the largest global investment management companies, these threats were the No.1 risk to its business. While the company had strong defensive and detection capabilities, leaders realized that it would be impossible to neutralize every would-be attacker and decided it was time to invest in improving the organization’s cyber-resilient posture.

Factors in focus

 

  • High profile as a leading global investment management company
  • Growing potential for disruptive ransomware attacks
  • Overwhelming need to ensure operational continuity in the wake of future cyber incidents

 

The way forward

The organization needed the right approach and solutions to protect its essential services, and company leaders turned to Deloitte for help. Deloitte worked with the executive team to identify those essential services—the ones most vital to the core business, such as client funds access—and began mapping those services to underlying processes, applications, systems, and data. This work would serve as the foundation to preparing both the business and the technology environment to respond to and recover from potential ransomware attacks.

Moving forward, the priority was to accelerate toward risk reduction. Given the technical nature of the threats, deploying a cyber recovery vault—to protect essential services in segregated, secured, and unchangeable environments—was paramount. Such a solution can enable effective recovery from a ransomware attack; while the attack may disrupt services, it does not destroy them.

Deloitte worked with the organization to develop requirements for multiple vaults and collaborated with alliances to design and implement the vaults globally, both on premises and in cloud environments. Deloitte also developed a series of recovery playbooks to define the intricate process of extracting, cleansing, certifying, and recovering services from the vaults.

Given that a vault would not prevent an attack and that a disruption would still remain a possibility, bridging the gap between “disruption” and “recovery” was an important need. To address that requirement, Deloitte worked with the organization’s leadership to devise interim business solutions. Deloitte also helped augment and synchronize the organization’s overall response to potential cyber events by enhancing processes across incident response, crisis management, incident management, business continuity, and disaster recovery. This comprehensive approach should allow the company to stay aligned internally and sustain and recover essential services during any future disruption.

After working with the client organization to establish new cyber strategies and methods, Deloitte conducted a series of technical tests and cyber wargames—to help pressure-test capabilities and build organizational “muscle memory.”

As a result of the cyber transformation, the organization ultimately embedded greater resilience into both its business and technical environment, and improved readiness for a ransomware attack. Not only did the company reduce its cyber risk profile, but it improved insights into the essential services for the business, which then enabled a broader set of business transformation initiatives.

The achievements

Let's talk cyber

Deloitte Cyber

How will your organization respond to and recover from its next potential cyber incident? And how will your organization transform its cyber capabilities to help safeguard your business and stakeholders and build trust from end to end?

Deloitte’s Cyber Incident Readiness, Response, and Recovery (CIR3)

Discover how Deloitte’s Cyber Incident Readiness, Response, and Recovery (CIR3) services can help your organization face the future with greater strength and resilience. Contact us to get the conversation started.

Did you find this useful?

Thanks for your feedback