CASE STUDY: Sensitive Project Assurance
Client Problem
The client needed to understand the most significant vulnerabilities related to a critical team managing a sensitive procurement. The client tasked Blacksmiths with identifying attack pathways that could lead to the disclosure of sensitive information and cause substantial reputational damage to the business. The client asked Blacksmiths to use the findings to produce a bespoke training course to increase the security awareness of colleagues in the bid team.
Our Response
We set up an attack team to simulate how an insider and an investigative journalist would target the bid team and demonstrated through multiple stages (open-source intelligence, human recruitment and penetration tests) how this could be achieved. The exercise exposed how analysis of disparate information, including from sources with no links to the client, enabled the team to develop high-level attack plans against the bid team.
The Outcome
The end product was a custom training course including interactive videos that demonstrated how the bid team’s people, processes and policies could be subverted and lead to a compromise of sensitive information. The training course became an important resource for the client to ensure that all members of the bid team understand what they need to do to protect the business, and why.
Blacksmiths has proven experience in combining understanding of attack pathways and insider risk to create bespoke and impactful training courses for our clients. If you would like to learn more about our offerings in this area please contact us at info@blacksmithsgroup.com.