Strong partnerships

vision from above

adapted and targeted

Our expertise is trusted by leading companies across all industries

Healthcare

Large and specialist banks

Software vendors

Construction and Real Estate

Startups

IT service providers

Industry

Automotive

Media and publishing

Case Studies

Red Team Assessment

Large, internationally active company with a very high level of security maturity

Objective and Assignment

Execution of a realistic assessment of resilience against targeted cyber and espionage attacks without prior knowledge.

Solution

A red team assessment lasting several months was conducted for this purpose.

In Phase 1, information was collected in a militarily structured manner to prepare the attack as effectively as possible. The following methods were applied:

Open Source Intelligence
Active and passive darknet analyses.
Covert on-site reconnaissance
Clarifying conversations with employees
In particular, information was obtained on the organization, the company structure including internal operations and processes, top management and owners, data, IT systems and IT infrastructure, security systems (physical and IT security), building information, partners, suppliers and other stakeholders, affiliated companies, and current events.
An interim report, along with a presentation, presented the results and identified approximately 15 realistic attack options.

In Phase 2, identified attack possibilities were tested:

Using cover stories, a purported IT employee was infiltrated at a location. This individual gathered additional information and prepared a cyber attack.
Sensitive and confidential information was obtained.
Furthermore, passwords and usernames of employees were acquired through fake internal company webshops.

Security Workshop

Medium-sized company with an established IT infrastructure and an evolving security maturity level.

Objective and Assignment

To assess the current defensive readiness and derive potential improvement measures, the analysis includes the most essential processes and assets, the attack surface, and the measures taken thus far.

Solution

For this purpose, a one-day on-site security workshop was conducted with the management and IT leadership.

In the security workshop, the following points were addressed:

Identification of critical processes and assets requiring protection.
Analysis of the attack surface, including relevant attacker types, their targets, and possible attack techniques.
Evaluation of the current IT and security system based on appropriate standards.
The workshop resulted in a report that included an overview of key risks and their potential impacts, an assessment of the current state of preparedness for these risks, and targeted actions to improve preparedness.

During the final presentation, several measures were defined and implemented:

Implementation of a tailored Security System (ISMS) and adapted Emergency Preparedness in a Business Continuity Management System (BCMS)
Training of employees and drills for planned emergency preparedness measures
Implementation of technical quick wins, such as password management and enhancement of the already implemented security systems

Business Impact Analysis

Nationally active corporation with a high security maturity level.

Objective and Assignment

Update the existing risk management system to reflect current risks such as blackout scenarios, supply shortages and supply chains, and the impact of geopolitical conflicts.

Solution

For this purpose, briefings with top management, an analysis of the implemented risk management system, and a current business impact and risk analysis were conducted.

Briefing of top management on blackout scenarios and the impacts of geopolitical conflicts with international experts.
Analysis of the implemented risk management system in collaboration with in-house experts. Adjustment based on current experiences and alignment with norms and standards.
Joint development and updating of documentation for Business Impact Analyses based on the BSI Standard 200-4.
Conducting the analyses, particularly regarding blackout scenarios, at multiple locations, and reporting the results to in-house experts and top management.

Crisis management

SME with multiple locations in Austria involved in a ransomware incident.

Objective and Assignment

To assist the management and owners in handling this crisis.

Solution

For this purpose, a multi-day crisis management process was conducted.

Formation of an appropriate crisis team with representatives from the company and regional IT service providers.
Augmentation of the crisis team with specialized functions from the alite-Security network, including negotiation experts and experts in emergency and crisis communication to support the management.
Development of scenarios and decision points.
Resuming and restoring the IT infrastructure.
Documentation of the measures taken and daily reporting, as well as the preparation of a final report.
Communication with stakeholders of the company regarding the incident.
Assisting the management in coordinating all actors within the crisis team and the nationwide emergency teams in Austria.

Security architecture

Evaluation of a new security architecture for a nationally operating corporation.

Objective and Assignment

Increased threats from cybercrime and espionage necessitate a reevaluation of the current security architecture and the introduction of new technologies and services.

Solution

A multi-phase approach based on workshops and allocated hours was implemented.

Phase 1: Determination of the company's requirements and the protection needs of essential processes

Evaluation of suitable technologies based on current studies, interviews, and previous experiences to meet the requirements and protection needs.
Assessment of possible capabilities and functions of an adapted "Security Operations Center."

Phase 2: Selection of appropriate technologies

Testing the technologies through workshops and proof of concepts.
Simultaneously, potential operational models for the technologies were assessed – ranging from in-house operations to complete outsourcing.
Development of the necessary capabilities and functions for the desired "Security Operations Center."

Phase 3: Decision-making and support in the business assessment.

Phase 4: Implementation of the decision made in several stages:

Introducing/improving vulnerability management
Implementing EDR/XDR
Initiating SOC operations with a selected partner
Creating related BCMS documentation and adapting the ISMS