Cyber case study
MNC cosmetics company can now focus on their job, thanks to Ethical Hack Bot
Client – One of the world’s largest cosmetics company
Our Role – Penetration testing and Ethical Hack Bot platform implementation
Industry – Consumer markets
Services – Cybersecurity
Protecting consumer data and privacy
Our cosmetics client has overseas branches across 10 Asia pacific countries. It’s very time consuming to consolidate all their e-commerce platform scan results and present the cybersecurity postures to the management on a timely basis. Even worse, some high risk findings were left unattended and forgot to remediate, which may create a critical impact to the company and put enormous consumer data at risk.
The real issue is not finding vulnerabilities in websites. Our client’s challenge is that vulnerabilities are found but no one is following up on those issues. And hackers are exploiting these vulnerabilities to cause sensitive data leakage, operational disruption or reputation loss to the company.
In PwC’s 23rd Annual Global CEO Survey, CEOs of consumer markets organisations see improving customer experience as their primary opportunity for growth. The challenge for consumer-focused companies include failing to delight customers or anticipate their needs to misusing their private information to falling prey to a sophisticated cyberattack. At the centre of all of these opportunities and risk is consumer data, and, increasingly, the prerequisite to getting that data is trust.
Ethical Hack Bot helps win customer’s trust
We previously helped the client on vulnerability management. The overall processes involved quite a lot of manual work, including scan scheduling, comparing vulnerabilities from previous scan results and preparing reports. All these tasks took up a lot of our security team's time and did not optimise the time in remediating the findings. Additionally, because these processes involved lots of manual work, inconsistency and human errors (e.g. missing patches, and missing remediation deadlines) are often happening. All these manpower overheads and pain points have troubled our client for a number of years. The Ethical Hack Bot, which uses robotics technology to automate the threat and vulnerability process, can help address our client’s pain points. Here’s how Ethical Hack Bot has helped our client:
- The seamless integration between multiple scanners and Ethical Hack Bot, assisted our client to now trigger scans on multiple scanners all at once. Holistic vulnerability results including OS layers and application layers of a system can be consolidated and presented in one dashboard.
- Security health check processes are now more efficient and transparent by following its workflows and automatic notifications. Every issue is being tracked and everyone knows the current conditions. This put our client’s application developers and owners, security teams on the spot light to take action.
- The built-in access roles and access controls enable our client to assign different roles like owner, BU leader, QC/QA etc. to appropriate stakeholders. Our client can now control access by the system control, and not manually anymore.
- The Ethical Hack Bot platform can generate vulnerabilities report automatically, and saved lots of team member’s time on preparing the reports. As a result, our client’s security team can now focus most of their time on addressing/fixing the real problems.
Closing the digital trust gap
Our client is able to streamline all the assessment works and standardise the vulnerability management processes including issues assignment, reporting and remediation to prevent human error. This would have saved 40-60% of the whole project time and around HK$2 million by using Ethical Hack Bot. Our client can now provide a real-time dashboard to management and drive actions or prioritise for the most critical issues.
Customers want to interact with companies that protect their personal data. PwC research indicates that they’ll take their business elsewhere if they don’t trust that a company is safeguarding their personal particulars.
Putting cybersecurity and customers’ privacy at the forefront of your business strategy—and backing it with proven security tactics—can help address consumer concerns and cement their loyalty.
Learn more about the Ethical Hack Bot.
contact us
