Manufacturing Industry / vCISO Case Study

The Challenge

The client discovered ransomware on its systems and immediately sprang into action, reaching out to longtime partner Streamline Communications which led to an instant connection with the IGI Incident Response Team. IGI engaged with the client and began its incident response work right away.

IGI was tasked with identifying how the ransomware got into system so the client could control and fix any security gaps. IGI quickly discovered that the client had an outdated virus protection platform, a firewall, and some other basic network security equipment they relied on to protect themselves. But no combination of tools was fully protecting them, since much of cybersecurity relies on the human element—employee knowledge and training, security expertise, and thorough security assessments.

“There’s no doubt about it that there were vulnerabilities. We just always thought we were small enough that we wouldn’t be on anyone’s radar,” the client said.

Unfortunately, no business is too small to be the victim of a cyber-attack. If there is valuable employee, client, or product information, a hacker will view that business as a potential target. In this case, not long after the first attack, the client discovered a separate active cyber incident weeks later, prompting them to reach out to IGI and Streamline to re-engage them in an investigation.

The Solution

In both instances, IGI’s Incident Response Team worked quickly and remotely to successfully identify the attacks and resolve the situations.

“IGI was able to help us identify where the intrusion started both with the original attack, and second attack, providing a thorough report and great insight into how it all happened,” the client said.

“IGI is very easy to work with and very responsive,” said Jaime Turner of Streamline Communications, who brought the IGI team in to help its client. “One phone call to IGI and with 5-10 minutes we were on call with the customer helping to resolve their issues. IGI jumped right into the situation, which was not a great situation.”

While IGI was able to help the client resolve two separate incidents, it became clear that the client was a target for cyber criminals and that this might become an ongoing issue. Within a couple weeks of the attacks, IGI was brought in as the client’s Virtual CISO to provide ongoing cybersecurity support and expertise.

The benefits of its vCISO engagement are unique from the incident response projects, the client said. Now, the client has access to a full team with the necessary expertise and resources to manage its cybersecurity strategy, rather than react to incoming attacks.

“There are plenty of areas we need to improve on,” the client said. “Our engagement with IGI has helped bring to light a lot of those and highlight other areas we weren’t even looking at.”

The Result

IGI’s Virtual CISO program is a completely customizable service that gives clients access to an expert team of cybersecurity professionals for a fraction of the cost of hiring a full-time CISO or security professional.

The client found value in having regular touchpoints and calls with the IGI team to address their concerns and goals. The client has since implemented new tools and programs that were recommended by IGI to improve its policies and procedures, endpoint protection, vulnerability management, and other core areas of cybersecurity.

“We weren’t careless, but we were also trusting in our employees, giving them access that we thought made sense. We weren’t necessarily taking the right precautions to protect ourselves if anything inadvertently happened and someone was taking advantage of that,” the client said.

By implementing proper policies and procedures, training employees, and relying on IGI’s expertise, the client was able to resolve its cybersecurity concerns.

Employees became more aware of potential pitfalls, like phishing attempts and other email scams, the client said. They now know what to look for and to take that extra look before you choose to download or open something unknown.

“The one big thing that did come from all of this is that security is now a priority,” the client said. “It’s not a matter of if, but when something will come along that will hit
a workstation or two. You can’t prevent everything, but you can keep it from spreading. If someone downloads something its isolated, we fix it, and move on. It’s been a huge improvement for us to adopt a secure and isolated environment.”

“It’s very reassuring and helpful to have experts that don’t want to just give you an answer and move on but seem to be invested in the cybersecurity and overall well-being of the company,” the client said. “They are engaged with helping [the company] be in a better position to not be such an easy target to exploit.”

*The identity of the client has been redacted to ensure their privacy and keep them secure.