Strong partnerships
vision from above
adapted and targeted
Our expertise is trusted by leading companies across all industries
Healthcare
Large and specialist banks
Software vendors
Construction and Real Estate
Startups
IT service providers
Industry
Automotive Industry
Media and publishing
Case Studies
Red Team Assessment
Large, internationally active company with a very high level of security maturity
Objective and Assignment
Execution of a realistic assessment of resilience against targeted cyber and espionage attacks without prior knowledge.
Solution
A red team assessment lasting several months was conducted for this purpose.
In Phase 1, information was collected in a militarily structured manner to prepare the attack as effectively as possible. The following methods were applied:
Open Source Intelligence
Active and passive darknet analyses
Covert on-site reconnaissance
Clarifying conversations with employees
In particular, information was obtained on the organization; the company structure, including internal operations and processes; top management and owners; data, IT systems, and IT infrastructure; security systems (physical and IT security); building information; partners, suppliers, and other stakeholders; affiliated companies; and current events.
An interim report, along with a presentation, presented the results and identified approximately 15 realistic attack options.
In Phase 2, identified attack possibilities were tested:
Using cover stories, a purported IT employee was infiltrated into one location. This individual gathered additional information and prepared a cyber attack.
Sensitive and confidential information was obtained.
Furthermore, passwords and usernames of employees were acquired through fake internal company webshops.
Security Workshop
Medium-sized company with an established IT infrastructure and an evolving security maturity level.
Objective and Assignment
To assess the current defensive readiness and derive potential improvement measures, the analysis includes the most essential processes and assets, the attack surface, and the measures taken thus far.
Solution
For this purpose, a one-day on-site security workshop was conducted with the management and IT leadership.
In the security workshop, the following points were addressed:
Identification of critical processes and assets requiring protection.
Analysis of the attack surface, including relevant attacker types, their targets, and possible attack techniques.
Evaluation of the current IT and security system based on appropriate standards.
The workshop resulted in a report that included an overview of key risks and their potential impacts, an assessment of the current state of preparedness for these risks, and targeted actions to improve preparedness.
During the final presentation, several measures were defined and implemented:
Implementation of a tailored Security System (ISMS) and adapted Emergency Preparedness in a Business Continuity Management System (BCMS)
Training of employees and drills for planned emergency preparedness measures
Implementation of technical quick wins, such as password management and enhancement of the already implemented security systems
Business Impact Analysis
Nationally active corporation with a high security maturity level.
Objective and Assignment
Update the existing risk management system to reflect current risks such as blackout scenarios, supply shortages and supply chains, and the impact of geopolitical conflicts.
Solution
For this purpose, briefings with top management, an analysis of the implemented risk management system, and a current business impact and risk analysis were conducted.
Briefing of top management on blackout scenarios and the impacts of geopolitical conflicts with international experts.
Analysis of the implemented risk management system in collaboration with in-house experts. Adjustment based on current experiences and alignment with norms and standards.
Joint development and updating of documentation for Business Impact Analyses based on the BSI Standard 200-4.
Conducting the analyses, particularly regarding blackout scenarios, at multiple locations, and reporting the results to in-house experts and top management.
Crisis management
SME with multiple locations in Austria involved in a ransomware incident.
Objective and Assignment
To assist the management and owners in handling this crisis.
Solution
For this purpose, a multi-day crisis management process was conducted.
Formation of an appropriate crisis team with representatives from the company and regional IT service providers.
Augmentation of the crisis team with specialized functions from the alite-Security network, including negotiation experts and experts in emergency and crisis communication to support the management.
Development of scenarios and decision points.
Resuming and restoring the IT infrastructure.
Documentation of the measures taken and daily reporting, as well as the preparation of a final report.
Communication with stakeholders of the company regarding the incident.
Assisting the management in coordinating all actors within the crisis team and the nationwide emergency teams in Austria.
Security architecture
Evaluation of a new security architecture for a nationally operating corporation.
Objective and Assignment
Increased threats from cybercrime and espionage necessitate a reevaluation of the current security architecture and the introduction of new technologies and services.
Solution
A multi-phase approach based on workshops and allocated hours was implemented.