December 2, 2021
Financial Organization Required Stronger Security Awareness Training & Vulnerability Management

The Challenge

A financial services firm that had experienced security incidents in the past found that 33% of their employees were failing routine phishing tests. They did not have a Chief Information Security Officer (CISO) in place, and needed strategic guidance to help them better understand their environment and strengthen their security awareness training program.

Case Study

The Solution

The client reached out to CBI, and our Virtual CISO (vCISO) experts were engaged. Through surveys and interviews with key stakeholders, we evaluated the organization’s cybersecurity stack and the current maturity level of their security awareness training program.

Armed with insight into their environment and tools, we were able to identify and acquire the threat intelligence sources they needed to develop and maintain strong vulnerability and patch management processes, and advance their user education and data security initiatives.

Top concerns and risk factors in specific areas of the organization were identified, and short and long-term goals were developed to facilitate the advancement of awareness training from annual, compliance-focused efforts to continuous activities focused on motivating employees to promote the organization’s security and business goals.

The Results

CBI developed an actionable roadmap to help the client address the human element of cybersecurity and accelerate vulnerability management processes.

Detailed recommendations have enabled them to operationalize threat intelligence at scale to quickly detect and address threats, without overburdening their security team. Insight into gaps in their
defenses and a better understanding of how threat actors think, collaborate, and act has enabled them
to make informed decisions and keep their systems up to date.

Phishing susceptibility rates have been reduced as our vCISO experts continue to guide the organization’s progression towards an engaging approach to security awareness training that drives behavioral change and reduces the impact of security incidents.

View Case Study
About the Author
CBI | Cybersecurity Solutions
CBI Cybersecurity
CBI is a leading cybersecurity advisor to many of the world’s top tier organizations. Founded in 1991, CBI provides innovate, flexible and customizable solutions that help ensure data is secure, compliant and available. We engage in an advisory-led approach to safeguard our clients against the ever-changing threat landscape—giving them comprehensive visibility into their entire security program and helping them avoid cyber challenges before they can impact their data, business and brand. We are dedicated to the relentless pursuit of mitigating risks and elevating corporate security for a multitude of industries and companies of all sizes.
I Need To...