Customer’s profile:

One of the largest insurance company in Asia, 6000 employees and agents 10 countries in Asia. The company offers life and medical insurance, general insurance, employees benefits.

Customer’s challenge:
  • Annual exercise to assess the cyber resilience of a specific business unit​
  • Regulatory requirement to conduct at least one red team exercise per year​
  • Strategy of continuous security improvement based on rotating assessments
Solution delivered:
  • Theos conducted an end-to-end Advanced Persistent Threat scenario with no initial knowledge of the target users, assets and infrastructure
  • The objective of the exercise was the identification and exfiltration of sensitive information, with a focus on customer data
  • The exercise was successful in that the objective was met within the timeline and boundaries set under the agreed rules of engagement
Values delivered to the customer:
  • Actionable insights into the successful attack vectors leveraged during the exercise with recommendations around policies, systems and processes​
  • Re-run of the successful TTPs once the remediation had been implemented​
    Successfully met regulatory requirements