Security & Privacy Review – Maritime
TenIntelligence recently performed a Cyber/Data security review of a client’s technology and security capabilities following a reported security breach.
In order to provide assurance it met the extensive information security challenges for the digital age of business, our consultants performed penetration testing analysis, cyber security systems evaluation and an assessment of information security procedures.
The incident itself was a targeted phishing campaign, followed up with social engineering of several team members over a period of months, resulting in the change of supplier bank accounts details, allowing the perpetrator the mechanism to obtain funds by way of fraud.
Our consultants quickly identified the control breakdown in procedural authority and repeatable behaviours, and was able to prevent additional losses to the client. On conclusion of the assignment our Director provided a detailed incident response briefing and leadership threat assessment on the current security threats the client faced, ending with introducing the topic of the General Data Protection Regulations (GDPR) that came into effect on 25 May 2018.
Since the incident, our team have returned and have been able to provide the client an additional GDPR gap analysis and incident response plan for ‘in the event of’ a cyber attack, data breach or security incident.