Red Teaming at an Insurance Company

Case Study

> Markets > Financial Sector > Red Teaming at an Insurance Company - Case Study

Case Study: Red Teaming at an Insurance Company

Our client, a top insurance company in the Netherlands, wants to keep up with ever-changing cyber threats. The Security Officers recognize that standard penetration tests aren't covering all the cyber risks.

The Challenge: How to test cyber resilience

The insurance company wants an integrated approach to find weak spots in the cyber security. The organization decides to do a simulated 'real-life' attack with Secura's Red Teaming Assessment.

The Approach: A simulated attack

Together with the insurance company's security team, we perform a Red Teaming Assessment to deeply check the insurance company's cybersecurity. These are the steps:

01

Develop Real-Life Scenarios

We create realistic attack scenarios that insurance companies likely face.

02

Use the Unified Cyber Kill Chain

Our tests go through all stages of a real cyber attack, as described in the Unified Cyber Kill Chain. We check every part carefully.

03

Discover the Weak Spots

We discover new ways hackers could get to the company's most important data.

04

Work Closely with the Insurance Company's Security Team

We use the MITRE ATT&CK framework and worked with the company's security team.

05

Plan Next Steps

After finding weak spots, we provide the insurance company with a plan to mitigate the risks.

06

Improve SIEM (Security Incident and Event Management)

We help the company add new use cases to the Security Incident and Event Management platform (SIEM). This improves threat detection.

07

Train Staff

We train employees of the insurance company to spot phishing emails, a common way hackers get in.

08

Tabletop Cyber Crisis Management Workshop

We run a Tabletop Cyber Crisis Management Workshop to see how well the insurance company handles a real cybersecurity attack.

Highlight-image

The Result: Increased Cyber Resilience

USP

Result 1: Priority list of Vulnerabilities

The priority list of vulnerabilities provides a framework for remediation planning.

USP

Result 2: Enhanced Detection and Response

The new SIEM use cases and employee training improve the organization's ability to respond promptly to cyber threats.

USP

Result 3: Improved Incident Response

The client's response teams are better prepared for cyber incidents after the Tabletop Crisis Management Workshop.

USP

Result 4: Roadmap to Cyber Resilience

Our recommendations provide a clear roadmap for strengthening cybersecurity resilience.

Logo

More Information

Are you interested in a Red Teaming Assessment? Please fill out the form and we will contact you within one business day.

Quote by

Ben Brücker

Domain Manager Red Teaming | Senior Security Specialist Secura

Related Services

Red Teaming Assessment

Article image

How well does your organization hold up against cyber threats, such as RANSOMWARE? Use Secura's Red Teaming and practice with a 'real' cyber attack.

Tabletop Crisis Management

Article image

How does your organization perform in case of a severe cyber incident? Find out with Secura's Tabletop Cyber Crisis Management Workshop.

Other Services | Financial Sector

Article image

Check out our other services for the Financial Sector, like the DORA program

ABOUT SECURA

Secura is a leading cybersecurity expert. Our customers range from government and healthcare to finance and industry worldwide. Secura offers technical services, such as vulnerability assessments, penetration testing and red teaming. We also provide certification for IoT and industrial environments, as well as audits, forensic services and awareness training. Our goal is to raise your cyber resilience.

Secura is a Bureau Veritas company. Bureau Veritas (BV) is a publicly listed company specialized in testing, inspection and certification. BV was founded in 1828, has over 80.000 employees and is active in 140 countries. Secura is the cornerstone of the cybersecurity strategy of Bureau Veritas.