Customer’s profile:
One of the largest insurance company in Asia, 6000 employees and agents 10 countries in Asia. The company offers life and medical insurance, general insurance, employees benefits.
Customer’s challenge:
- Annual exercise to assess the cyber resilience of a specific business unit
- Regulatory requirement to conduct at least one red team exercise per year
- Strategy of continuous security improvement based on rotating assessments
Solution delivered:
- Theos conducted an end-to-end Advanced Persistent Threat scenario with no initial knowledge of the target users, assets and infrastructure
- The objective of the exercise was the identification and exfiltration of sensitive information, with a focus on customer data
- The exercise was successful in that the objective was met within the timeline and boundaries set under the agreed rules of engagement
Values delivered to the customer:
- Actionable insights into the successful attack vectors leveraged during the exercise with recommendations around policies, systems and processes
- Re-run of the successful TTPs once the remediation had been implemented
Successfully met regulatory requirements