How Grayce has ensured strong frontline protection against cyberattacks and fulfilled compliance requirements with a fully managed phishing campaign
Grayce
Case Study
The Requirement
Grayce is an award-winning Transformation Consultancy, partnering with some of the world’s most ambitious organisations to help deliver change and transformation. With over a decade’s experience developing and deploying high performing talent, Grayce delivers a low-risk and scalable solution and enables long-term capability.
Grayce’s Accelerated Development Programme has successfully launched the careers of thousands of Analysts who are transforming into the next generation of digital leaders and innovators.
Grayce’s workforce has grown exponentially over the last few years, with the company consecutively being listed as one of Europe’s fastest-growing companies.
As part of the growth and maturity of the company, Grayce has successfully implemented accreditations such as ISO 27001. To maintain compliance with these accreditations, Grayce must conduct a Phishing campaign at least once per year. The company also wants to ensure that it had strong due diligence against its policies and procedures and could provide assurances to suppliers and clients that their data is being fully protected.
For more information read the full case study.
“The DigitalXRAID team worked very collaboratively with us and response times were great, with the initial set up of the templates and the launch of the campaign all running very smoothly.
Through open communication we were able to understand how the campaign was performing each day and take immediate action if needed.
I would be happy to recommend DigitalXRAID’s services.”
Tom Clowes, Head of Technology, Grayce
The Solution
Grayce engaged DigitalXRAID to conduct a fully managed phishing simulation, training and awareness campaign to fulfil necessary compliance requirements.
Before the campaign was launched, the DigitalXRAID team worked to understand Grayce’s specific requirements and to ensure compliance objectives would be met.
In order to design the most effective template for Grayce’s requirements, the team gathered information about the variance and trends in email communications that Grayce staff are currently seeing, and therefore the complexity needed.
The final step before the campaign launch was to design and review templates that would fulfill all of Grayce’s needs. In the background, the DigitalXRAID team also needed to legitimise the look of the campaign and clicked URL, plus subsequent actions such as credential harvesting or attempted software download, by taking steps that included registering domain names.
Following successful test email sends which ensured that the emails wouldn’t get caught by current technical defences, the campaign was launched company wide.
For a full description of the solution provided by DigitalXRAID, read the full case study.
The Results
Phishing is one of the key attack vectors that cybercriminals use to try to infiltrate an organisations systems and networks, and constantly remains one of the key cyber threats to any business.
Grayce now has a deep understanding of how its staff respond to phishing threats and has ensured that it’s at lower risk of future threats from phishing scams. As part of the campaign, staff were also given security awareness training, so they are armed with the most up to date information and advice.
Grayce is now able to evidence compliance against its accreditation requirements but also improve and mature its processes alongside its growth.
As part of its continued growth and maturity of its cybersecurity posture, Grayce will also be conducting regular penetration testing to ensure that all risks and vulnerabilities are addressed before they could be exploited.
To see how DigitalXRAID could help you protect your systems, applications and data, get in touch with our team of experts today.
Protect Your Business & Your Reputation.
With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.