December 2, 2021
Financial Organization Required Stronger Security Awareness Training & Vulnerability Management

Challenge

A financial services firm that had experienced security incidents in the past found that 33% of their employees were failing routine phishing tests. They did not have a Chief Information Security Officer (CISO) in place, and needed strategic guidance to help them better understand their environment and strengthen their security awareness training program.

Case Study

Solution

The client reached out to CBI, and our Virtual CISO (vCISO) experts were engaged. Through surveys and interviews with key stakeholders, we evaluated the organization’s cybersecurity stack and the current maturity level of their security awareness training program.

Armed with insight into their environment and tools, we were able to identify and acquire the threat intelligence sources they needed to develop and maintain strong vulnerability and patch management processes, and advance their user education and data security initiatives.

Top concerns and risk factors in specific areas of the organization were identified, and short and long-term goals were developed to facilitate the advancement of awareness training from annual, compliance-focused efforts to continuous activities focused on motivating employees to promote the organization’s security and business goals.

Results

CBI developed an actionable roadmap to help the client address the human element of cybersecurity and accelerate vulnerability management processes.

Detailed recommendations have enabled them to operationalize threat intelligence at scale to quickly detect and address threats, without overburdening their security team. Insight into gaps in their
defenses and a better understanding of how threat actors think, collaborate, and act has enabled them
to make informed decisions and keep their systems up to date.

Phishing susceptibility rates have been reduced as our vCISO experts continue to guide the organization’s progression towards an engaging approach to security awareness training that drives behavioral change and reduces the impact of security incidents.


View Case Study
About the Author
Leon Malkowych
Leon Malkowych
Director
Leon Malkowych brings more than 15 years of network and security expertise to his role as Director of Architecture, Implementation and Management Services with CBI. He oversees the strategy, development, and delivery of services designed to help organizations align cybersecurity capabilities with desired business outcomes and strengthen defenses across people, process, and technology. He has extensive experience leading teams of highly experienced engineers, and helping clients build and mature their cybersecurity posture.
I Need To...