Our client had suffered a business e-mail compromise that highlighted risks in their overall cloud security. The organisation was rapidly embracing cloud services including Office365, Azure and other third parties.
The security team were comfortable with the traditional on-premises environment, which was quickly becoming a legacy. The client wanted to understand how the incident had occurred and use it as a catalyst for a wider review of their cloud security architecture.
Our Incident Response team managed the fallout of the e-mail compromise, analysing how it had occurred and ensuring that the breach was contained. The team provided tactical security advice to prevent further similar breaches and reviewed the wider e-mail configuration for issues.
Our consulting team carried out a detailed review of the Office 365 platform and Azure architecture. We reviewed both the overall design of the system as well as specific controls against best-practice.
The client was able to demonstrate to their stakeholders that the breach had been contained, but also that it had led to lasting change.
The detailed security guidance produced by the MDR Cyber team allowed the client security team to implement best practice going forwards and provided a means to upskill the team to be more confident with security in the cloud.