Customer’s profile:
A technology company head-quartered in Hong Kong providing IT services to enterprises globally
Customer’s challenge:
Recent incidents involving third party compromise
Solution delivered:
Theos delivers two Red Team Cyber Assessment each year to the customer by emulating a real attack scenario, with the goal of improving the security defences as well as the security response to actual real-world attacks.
- As part of the assessment, Theos performed an Advanced Persistent Threat (APT) attack, which aims to gain access to and exfiltrate sensitive information within the customer’s HR and Finance Department.
- The Assessment follows a Black Box Approach, which mimics how an attacker typically approaches an APT attack. This means the client does not share any specific knowledge as to the internal workings of the organisation. THEOS will have no pre-existing access to any asset, or information of the internal architecture and security controls.
Values delivered to the customer:
- Actionable insights into the successful attack vectors leveraged during the exercise with recommendations around policies, systems and processes
- Re-run of the successful TTPs once the remediation had been implemented
- Successfully met regulatory requirements
