The Security Exchange Commission’s first ever enforcement action in the cybersecurity arena was filed against this investment advisor in September 2015 for failing to establish the required cybersecurity policies and procedures in advance of a breach ...
US utility company falls victim to a ransomware attack which initially costs the business just $25k. However, improving its control environment and implementing new security infrastructure ends up costing the business over $2 million.
The event act...
Somewhat ironically a company offering to protect individual’s identities online exposes their encrypted customer’s identities online and the ability to decrypt them.
Given their company's mission and product's intention, this had the potential to ...
After suffering a data exposure of at least 13GB of customer information covering 117,000 accounts the actions of one of the UK’s largest motoring associations provides a great insight into the importance of incident response.
An initial incorrect ...
In 2014, this event was one of the biggest hacks. The online auction giant disclosed the attack in May 2014 stating that it exposed names, addresses, dates of birth and encrypted passwords of 145 million users. Financial information which was stored...
Let us do the analysis so you can make the decisions
Premier risk-driven analysis
All our analysis is overseen some of the leading members of the risk community and includes
lessons learnt, controls environment and root cause analysis.
Learn more...
High-quality structured cyber dataset
Key attributes of each case - such as bad actor, costs incurred, failed controls etc.
- are captured through the Global Cyber Event Taxonomy
Learn more...
Consulting & training services
Our case studies have provided us with unique insights into the challenges
faced and strategies implemented by organisations countering cyber security threats.
Learn more...