Cybersecurity program enables recovery from cyberattack
Snapshot
One of the world’s largest suppliers of ophthalmic diagnostic, laser, and surgical lenses suffered a severe cyberattack. Kalles Group helped the client not only halt the attack, protect their data, and recover losses but also develop a cybersecurity program to strengthen protection of the client’s data going forward.Â
Challenge
This global supplier of ophthalmic diagnostic, laser, and surgical lenses suffered a severe cyberattack. The cybersecurity attack was possible because the client lacked company security practices and had technical debt, which occurs when a company chooses an easier technological route for the immediate time, making them more vulnerable in the future. What the client needed from Kalles Group was twofold: 1) immediate help in securing their business and data from the attack, and 2) development of a program to reduce their risk and help prevent future losses.
Approach
Following best practices for incident response, Kalles Group first moved to contain the attack, mitigate damage, secure environments, and remove attackers. Next, they addressed acute vulnerabilities and remediated the effects of the attack. Once Kalles Group successfully contained the attack, they assessed the client’s entire security protocol to develop a custom security program.
Kalles Group conducted discussions with key staff members, reviewed documentation, and observed company practices. They assessed the client’s current data security, information security policy, personnel awareness of security, and vendor security postures. Kalles Group helped the client understand security concepts and make decisions about:
- Program roles and responsibilities
- Processes in scope
- Regulatory and legal requirements
- Policies and standards
- Employee security education needs
- Data classification criteria
- Access to systems and network
- Third-party security
- Mobile and personal devices in use for work
Results
Kalles Group recommended security improvements and helped the client create a plan to implement not only those improvements but also cultural changes. The new cybersecurity plan helps the client confidently determine what they most value, where those things are, which processes support them, and the risks to all of those assets. The client now has a plan to operationalize the program and keep it running continuously, including periodic re-evaluation and fine-tuning so that it evolves to meet the organization’s ongoing needs.
With the new cybersecurity program’s implementation, the client has secured their network and protected their data with smart technology, improved processes, and employee education. As a bonus, the client should experience cost savings after their initial investment as a result of eliminating ineffective or redundant activities and strategically allocating people, time, and money toward their ongoing data protection efforts.