Helping an innovative medical supply company recover and strengthen security posture after severe cyberattack
Snapshot
Technical debt impacts many companies that are trying to get a new product to market quickly. It can manifest in many ways, including badly organized code, poor documentation, insufficient testing, and — of course — a weakened cybersecurity posture.
An innovative company in the medical supply space recently suffered a debilitating cyberattack due (in large part) to technical debt that impacted its security posture. Kalles Group helped the client halt the attack, protect sensitive data, recover losses, and strengthen data protection with a solid cybersecurity program encompassing both vulnerability management and culture.
Challenge
Technical debt created exploitable vulnerabilities for hackers, leading to cyberattack
Technical debt arises when a company chooses to take some technological shortcuts during product development in the interest of delivering the product or feature more quickly. In this case, the medical supply company had failed to develop certain security practices, which left it vulnerable to cybercrime. Eventually, the company fell victim to a massive cyberattack.
The first course of action was to help the client secure their business and data from the attack as quickly as possible. But simply putting a band-aid on the issue wouldn’t prevent them from being targeted again sometime in the near future. Technical debt could still rear its ugly head, so Kalles Group’s expert guidance was needed to develop a program to reduce risk and prevent future losses.
Approach
First things first: Containing the attack and assessing security posture
Following incident response first principles, the KG team moved to contain the attack, mitigate damage, secure environments, and remove attackers. The consultants then remediated acute vulnerabilities and the effects of the attack.
Once the attack was contained and damage had been dealt with, Kalles Group assessed the company’s entire security posture (including personnel security awareness, vendor security postures, and more) in order to develop a right-sized security program. The consultants conducted discussions with key staff members, reviewed documentation, and observed company practices.
A vulnerability management program that builds understanding and confidence
The reason for creating a customized cybersecurity program was to help the client gain confidence in their security decision-making along with a better understanding of what they most value as a business and how the absence of certain processes can put those things at risk.
To further embed security awareness into the company culture, Kalles Group helped the client’s staff understand key security concepts and make decisions about:
- Program roles and responsibilities
- Processes in scope
- Regulatory and legal requirements
- Policies and standards
- Employee security education needs
- Data classification criteria
- Access to systems and network
- Third-party security
- Mobile/personal device use at work
Kalles Group worked closely with the company’s IT team to ensure a seamless integration of its services into the client’s existing proactive security framework. The focus here was on implementing a specialized vulnerability management system and providing regular, concise insights on critical vulnerabilities. A summary of this process is as follows:
- Vulnerability management system implementation. Kalles Group installed a proprietary vulnerability management system and integrated it with the client’s existing infrastructure.
- Regular IT team collaboration. Kalles Group conducted weekly debriefings with the IT team, focusing on the current state of vulnerabilities and emphasizing the most critical ones.
- Long-term proactive patch strategy. Kalles Group developed a strategy for implementing proactive patches that aligned with the client’s existing patch management program.
- Streamlined reporting. Kalles Group provided concise vulnerability reports, focusing on critical vulnerabilities rather than elaborate prioritization.
- Continuous improvement. Kalles Group regularly assessed the effectiveness of the vulnerability management process and made adjustments to align with the client’s proactive approach.
The KG program also provided instructions on how to keep it running continuously, such as implementing periodic re-evaluations and tuning to ensure it evolves as the organization does.
Results
Security improvements and security-focused cultural changes: A powerful combo
After working with Kalles Group, the client has not only secured their network and protected their data with smart technology, but also improved their processes and increased employee awareness about cybersecurity through a comprehensive program. This program includes a shift in company culture towards better security awareness. Thanks to Kalles Group’s instructions on re-evaluation and fine-tuning, the medical supply company will be able to keep things running smoothly from here on out.
As a bonus, Kalles Group expects that the client will reap cost savings after their initial investment by eliminating ineffective or redundant activities and strategically allocating people, time, and money toward their ongoing data protection efforts.