Client
Industry-leading HR technology provider
Challenge
Overcoming a ransomware attack and restoring business stability
Solution
Corsica Technologies Incident Response Services
Results
Data restored & migrated to the cloud; Zero Trust strategy implemented
The Client: HR SaaS Provider
This industry-leading provider of cloud-based HR technology solutions for small-to-midsized businesses offers labor optimization solutions delivered both directly and through a reseller channel to help employers manage their most important and expensive asset—employees.
As a SaaS platform provider, they have unique risks and opportunities in cybersecurity.

The Challenge: Overcoming a Ransomware Attack
With ransomware attacks topping 304 million worldwide in 2020 at a rate of one every eleven seconds, the risk of any business being a victim of ransomware is high. Being in the technology industry, the senior leaders of this software provider understood that the likelihood of an attack wasn’t a matter of if, but when.
“We realized in speaking with both our internal resources and outside vendors that you have to continue to evolve and strengthen your protection with ever-improving tools, and also be prepared for recovery and business continuity if it happens,” says the company CEO.
Even with a strong in-house IT team and a well-known managed security services provider (MSSP) as their partner, the company experienced a ransomware attack. Although the company quickly detected the compromise, it still caused a disruption to the business operations and applications.
Although the company had protections and policies in place for this type of event, the reality of the attack still came with some unexpected challenges. “What was going through my head was the realization that this had happened,” says the company CEO. “And then contemplating, what are my next steps in launching our plan for recovery?”

The Solution:
Coordinating In-House IT and MSSP Efforts to Get the Business Back Online
In ramping up quickly to get operations back online, the HR solutions provider realized there was a disconnect between the MSSP, whose primary focus was pre-incident protection and intrusion detection, and the in-house IT team, which was working to quickly move the production system infrastructure and recovered data from servers to a clean and secure instance in the cloud. That’s when Corsica Technologies stepped in.
Given the communication challenges, the team at Corsica Technologies facilitated the exchange of critical information between the parties, provided around-the-clock technical resources and technical consultancy, and helped maintain the collective focus on delivering optimal business outcomes.
The Results:
A Stronger Security Posture That Proactively Protects Data
As a result of the breach, Corsica Technologies helped the software provider implement a much broader zero-trust strategy, both to identify weaknesses and to plan how to address those vulnerabilities.
“Throughout this process, we realized that a threat doesn’t happen all at once, it happens over a series of steps. You start with hardening your identities, follow that up with monitoring, and then the most important piece is what happens when there’s a trigger – who’s going to do what?” says the company CEO.
“The number one thing is, who is going to get the call and respond, and what is the plan of action if someone does get through?”
—HR technology provider CEO

What Corsica Technologies Can Do For You
Proactively implementing robust cybersecurity protections and continuous monitoring services greatly reduces the chances of an attack. Partnering with the right cybersecurity services provider to manage these services or augment an in-house team should be part of a company’s overall strategic plan.
Responding to an extended critical incident or disaster recovery effort can require hands-on work 24/7, putting pressure on the teams involved and making it hard to clearly see and pursue the appropriate action plan. Bringing in an experienced, trusted outside team to help get the business back online and running efficiently is invaluable both to business continuity and your bottom line.
When asked what advice the software provider CEO would give to others going through a similar situation, the reply was: “You can’t just look at your office network or production network as what you’re trying to secure. It’s about the multitude of access points, including people from employees to customers that are making access, and the continuous monitoring of those points. The number one thing is, who is going to get the call and respond, and what is the plan of action if someone does get through?”