General Overview of the Customer
The customer is a large, well established multinational insurance provider offering services across the public and business sector.
A Trusted Partnership
Reliance Cyber and the customer began discussions in 2018 before working together on an initial scope of work for an holistic security engagement for a cloud review, code review and penetration testing in 2019. With excellent feedback received from the customer’s security team, we have become their trusted partner for a wide range of cyber security projects, providing a wraparound security service.
Recent projects undertaken for this customer include:
Penetration Testing Service
Prior to our involvement, penetration tests were commissioned individually by Project Managers, leaving the CISO with no visibility of the range of applications and risks. Reliance Cyber are working alongside the infosec function to track completed tests with detail on critical, high and medium vulnerabilities and how they change per test. This arms engineering teams with insights over time on where developers make repeated insecure coding errors and provides detail on where targeted upskilling could benefit.
Crisis Management Scenarios
To further develop this customer’s test, training and exercise (TT&E) program, Reliance Cyber are proposing periodic tabletop exercises that engage technical and executive stakeholders throughout the operations chain responsible for making critical decisions during a crisis. Known Tactics, techniques and procedures (TTPs) associated with threat actors that have targeted the customer and similar industry organisations will form part of the engagement to ensure the customer can harden defenses against specific threats.
The aim of the exercise is to provide the customer’s cyber security team with process realignment or refinement to ensure their crisis scenario plans are appropriate and complete and that all operational teams can effectively respond to, manage and recover in the event of a cyber event.
We are planning the customer’s first senior leadership team crisis management scenario, to be delivered in Q1 2022. Our specialists have prepared a simulation to recreate a potential crisis which will test the team’s response in a safe, monitored environment. Processes and procedures will be evaluated to ascertain whether they are fit for purpose, and where changes need to be made for future responses.
Threat Modelling
In conjunction with a significant network segmentation project, we have run a series of interactive workshops with network, Active Directory, and vulnerability management heads. They are designed to identify areas of control and weakness, identify threats, validate suspected threat, and support a better understanding of the risk posture. The aim is to provide advisory pre segmentation to be used as a benchmark point to articulate the reductions of risk once the project has completed.