Case Study – Cyber Resilience in Chicago
WIMZKL was called upon to collaborate with a cutting edge creative agency in Chicago’s West Loop known for winning prestigious industry awards for their work on high-profile campaigns. They’re growing fast + recently acquired a digital agency to expand their capabilities on behalf of their clients, brands we all know + love.
In addition to the agency’s need to diagnose their vulnerability to cybercrime, the newly acquired digital practice added a significant amount of complexity to their operation + thereby the collective agency’s overall owned risk. They needed a partner to help them define + prioritize that risk + design a strategy that protects their operations, reputation + bottom line, while not putting a stranglehold on the creative culture that’s made them so successful.
WIMZKL presented the Resilience Diagnostic, a 4-step process intentionally designed to quickly + cost-effectively define these objectives + requirements.
The first step was Initiation, a friendly + memorable presentation about the project that elevated their leadership team’s understanding of how “risk” is defined in today’s digital world. This brought everyone up to speed on the current state of Information Security, Privacy + all the ways data is being compromised in environments similar to theirs + some strategies that can be used not only to help protect them, but to make sure they are prepared for when a breach happens because breaches WILL happen, which is why being aware of the risks is only half the battle. Being prepared to respond when incidents take place is the critical + often overlooked other half.
During this step, WIMZKL walked the team through some compelling true crime stories to help illustrate the value of being prepared when something happens vs. not. Stories work best to explain complicated stuff + stories are some of WIMZKL’s most powerful tools, told with style that afternoon.
The second step was getting to know everyone through Discovery, defining the agency’s greatest risks + then prioritizing them. WIMZKL interviewed the agency’s key stakeholders, including leadership, department directors + IT partners to build a complete picture, synthesized from a combination of quantitative + qualitative analysis.
In Step 3, Diagnostic, WIMZKL presented findings + made recommendations to the leadership team, giving them some effective analogies that made it easy for them to make their decisions on how to proceed with next steps, which did not involve any overhead or adding any new hardware or software, rather by better utilizing their existing tools.
In the midst of this, the agency suffered a data breach, achieved through a successful spear phishing attack against one of their key people. WIMZKL handled Digital Forensics + Incident Response through collaboration with their IT partner, guiding them to quickly implement critical recommendations from Step 3 in the Resilience Diagnostic in order to mitigate the attack as well as make the agency more resilient against any further future attacks.
Step 4, Realization, is ongoing. Building Cyber Resilience into an organization is not a project so much as a process. Making sure the Resilience Strategy adapts + evolves as the business grows ensures our work maintains its value + continues to protect the agency.
Protecting an organization’s culture is an important ingredient for this success, which is why this is top-of-mind for WIMZKL, ensuring the agency’s Resilience Strategy is refined in ways that nurtures it + doesn’t squelch it.
WIMZKL serves as the agency’s Chief Information Security Officer, providing guidance on things like Cyber Awareness Training, Cyber Insurance requirements, claims, communication + overall fluency + awareness of a rapidly changing landscape. The agency needs this intelligence, especially now that they’re winning clients in regulated industries like financial services. In these situations, they rely on WIMZKL to represent their interests, ask good questions + get answers to things they may or may not have known about or thought to ask.
Together, our partnership is successful on many levels: we’ve created a Cyber Resilience Strategy that forwards the goals of growing the business while minimizing risks to their clients, their reputation + the bottom line, while valuing + protecting the creative culture they’ve worked hard to build that led them to success in the first place.
WIMZKL would like to help you, too. Please get in touch. Meanwhile, thanks for reading.