CYE Reduces a Global Bank’s Cybersecurity Budget by 20%
The Challenge: Validate Full Protection Against Cyber Threat Actors
Following a series of recent data breaches of financial institutions, the bank asked CYE to validate that it was fully protected against various cyber threat actors and attack strategies. The bank was confident that it could handle serious cyber threats, based on a previous assessment performed by a large security provider that revealed just several minor vulnerabilities.
The Solution: Cyber Risk Assessment to Diagnose Vulnerabilities and Plan Mitigation
CYE’s combination of red team experts and AI technology allowed the organization to monitor its cyber exposure, diagnose vulnerabilities, and recommend a cost-effective mitigation plan.
CYE’s assessment included:
- Manual and automated attacks
- Remote and on-site engagement
- Black Box approach
- 12 weeks of assessment
- An optimized mitigation plan
Phase 1 – Baseline assessment
It took CYE’s team a few weeks to reach all critical business assets, as defined by the bank, after only being provided with a domain name.
Phase 2 – Optimal mitigation planning
After mapping all possible attack vectors, CYE’s Hyver used predictive analytics and unique algorithms to calculate the exploitability, severity, and potential business impact of each vulnerability. Hyver identified the most cost-effective mitigation steps by correlating business risks with remediation efforts, resulting in an optimal mitigation plan.
Phase 3 – Continuous support
For the final stage, CYE ensured that the bank received necessary guidance and support in order to build and maintain a strong cyber posture. This included:
- 24/7 incident response
- Supply chain risk evaluation
- Cyber awareness training
The Impact: Improved Resource Allocation and 20% Cybersecurity Budget Reduction
A few months after it began implementing the mitigation plan, the bank was able to make better-informed decisions about resource allocation. This resulted in removing unnecessary technologies and improving existing processes, allowing the bank to reduce its cybersecurity budget by 20%.
Hyver then continuously tested whether the mitigation plan was effectively implemented to validate that all issues were fixed.
By working with CYE, the bank received:
- A cost-effective mitigation plan prioritized according to the severity and exploitability of threats and potential business impact.
- Streamlined remediation with actionable recommendations to close security gaps.
- End-to-end validation of security measures and their effectiveness
- An objective and comprehensive assessment report, as well as a digestible and communicative dashboard to present to decision-makers.
- Access to the Hyver platform, including its dashboard, mitigation planner, findings, and more.
- As a result, the bank built a stronger cybersecurity posture that could help prevent cyberattacks from taking place.
“The nature of cybercrime is constantly changing, and every area of the business has a responsibility to protect the organization and our customers. Our security teams are well trained, but it is still very challenging to know where the next attack might come from. This is where CYE comes in.”
The Bank’s Global CISO