Skip to main content

Making an investment in a more secure future

Financial leader strengthens its cyber posture by transforming backup and recovery capabilities

The starting point

A single ransomware attack can bring a company’s essential services to a grinding halt, freezing apps, systems, Data and operations until the organisation agrees to pay the attacker or finds another way to break free from the attack. Even in the best-case scenarios, such an attack can destroy or compromise business-critical Data, leaving the target organisation damaged even after surviving a ransomware event.

As these attacks become more sophisticated, their impact also becomes greater and organisations remain ill-prepared. For one of the largest global investment management companies, these threats were the No.1 risk to its business. While the company had strong defensive and detection capabilities, leaders realised that it would be impossible to neutralise every would-be attacker and decided it was time to invest in improving the organisation’s cyber-resilient posture.

Factors in focus

 


  • High profile as a leading global investment management company
  • Growing potential for disruptive ransomware attacks
  • Overwhelming need to ensure operational continuity in the wake of future cyber incidents

 

The way forward

The organisation needed the right approach and solutions to protect its essential services and company leaders turned to Deloitte for help. Deloitte worked with the executive team to identify those essential services—the ones most vital to the core business, such as client funds access—and began mapping those services to underlying processes, applications, systems and Data. This work would serve as the foundation to preparing both the business and the technology environment to respond to and recover from potential ransomware attacks.

Moving forward, the priority was to accelerate toward risk reduction. Given the technical nature of the threats, deploying a cyber recovery vault—to protect essential services in segregated, secured and unchangeable environments—was paramount. Such a solution can enable effective recovery from a ransomware attack; while the attack may disrupt services, it does not destroy them.

Deloitte worked with the organisation to develop requirements for multiple vaults and collaborated with alliances to design and implement the vaults globally, both on premises and in cloud environments. Deloitte also developed a series of recovery playbooks to define the intricate process of extracting, cleansing, certifying and recovering services from the vaults.


Given that a vault would not prevent an attack and that a disruption would still remain a possibility, bridging the gap between “disruption” and “recovery” was an important need. To address that requirement, Deloitte worked with the organisation’s Leadership to devise interim business solutions. Deloitte also helped augment and synchronise the organisation’s overall response to potential cyber events by enhancing processes across incident response, crisis management, incident management, business continuity and disaster recovery. This comprehensive approach should allow the company to stay aligned internally and sustain and recover essential services during any future disruption.

After working with the client organisation to establish new cyber strategies and methods, Deloitte conducted a series of technical tests and cyber wargames—to help pressure-test capabilities and build organisational “muscle memory.”

As a result of the cyber transformation, the organisation ultimately embedded greater resilience into both its business and technical environment and improved readiness for a ransomware attack. Not only did the company reduce its cyber risk profile, but it improved insights into the essential services for the business, which then enabled a broader set of business transformation initiatives.

The achievements

Let's talk cyber

Deloitte Cyber

How will your organisation respond to and recover from its next potential cyber incident? And how will your organisation transform its cyber capabilities to help safeguard your business and stakeholders and build trust from end to end?

Deloitte’s Cyber Incident Readiness, Response and Recovery (CIR3)

Discover how Deloitte’s Cyber Incident Readiness, Response and Recovery (CIR3) services can help your organisation face the future with greater strength and resilience. Contact us to get the conversation started.

Did you find this useful?

Thanks for your feedback