Our close working relationships are at the heart of our service
Case studies
Cyber governance support, strategy development and supply chain resilience
The client's challenge
The client, a UK pension scheme with over 300,000 members holding over £20 billion in assets, required external specialist advice to shape its cyber governance strategy and raise its resilience against the emerging threat of cyber attacks, while meeting industry regulator standards.
Crowe’s approach and activities
We worked with the Trustee and scheme management to understand the unique risks faced across the client’s full ecosystem, including its reliance on suppliers to deliver its operations.
Using an industry-leading cyber security framework, we were able to identify the pension scheme’s current cyber maturity, including that of the sponsoring employer who supported it with technology, alongside its key suppliers. We then risk-rated the identified gaps and developed actionable recommendations for leadership to raise standards across a number of governance, technology, people and incident response areas. Policy development then followed, and cyber awareness and incident response training that was unique to the client and its industry was delivered, raising resilience and arming the scheme with the skills and direction to protect itself.
Client benefits
A long-term advisor relationship has since been established, supporting the client with annual assurance work to meet regulator expectations and keep the pension scheme ahead of emerging risks.
Cyber resilience strategy, framework review and incident response training
The client's challenge
An emerging FinTech company engaged Crowe to deliver a number of projects designed to increase their resilience to cyber threats in order to comply with strict regulations set by the Financial Conduct Authority (FCA), and to help the client with their wider objective of becoming a listed entity.
Crowe’s approach and activities
Understanding the client’s current position was integral for us to map out how we were going to support them in reaching their goals. We took a phased approach, first assessing the organisation from an internal and external perspective so that we could initially secure their critical services and products and then their wider supply chain. A wider framework was developed for the client to manage their resilience in the long term, with new incident response and disaster recovery procedures and training to support recovery from an incident.
Client benefits
The client was provided with a comprehensive suite of deliverables, which helped them to demonstrate to the FCA that they were appropriately assessing and managing cyber risks. In addition to providing the client with frameworks and policies to use moving forward, Crowe also provided practical recommendations to implement on a technical level to ensure their systems and networks were as robust as possible when the time came that they would become a listed entity.
Cyber-enabled fraud, digital forensics and cyber awareness training
The client's challenge
A global not-for-profit oil and gas industry association engaged Crowe to investigate a fraudulent payment of over £160,000. The client's vendor claimed the payment was made to the bank account listed on an invoice, but it was later found that the bank details had been altered, and the funds were sent to the wrong account. An initial review by the client’s IT team showed no suspect activity or system compromise, leading them to seek Crowe's expertise to uncover the fraud's source.
Crowe’s approach and activities
Crowe’s forensic team examined email chains related to inbound payments and performed advanced forensic analysis on audit logs and employee mailboxes. The investigation revealed that an ex-employee's email account was compromised, and emails were sent from spoofed domains, impersonating legitimate employees at both our client and the vendor. The hacker used inbox rules to manage communications through the Deleted Items folder or a controlled Gmail account.
Once Crowe determined that the mailbox had been compromised, the team helped to identify what personal data may have been impacted. The mailbox included 81,254 emails, of which 26,709 were responsive to Crowe’s search terms. Within the 26,709 files Crowe identified personal information belonging to 291 individuals. The data associated with these 291 individuals comprised sensitive information, including names, mobile numbers, email addresses, bank account numbers and sort codes, National Insurance numbers, salary, next of kin, next of kin contact details, passport details and login details for various websites.
Client benefits
Crowe identified the fraud as a ‘man-in-the-middle’ attack and discovered the hacker had been controlling the account for over a year. The compromised account was shut down, and Crowe provided feedback on how the fraud occurred, mitigated immediate risks, and offered steps to improve future resilience against fraud and cybercrime. Additionally, Crowe delivered training to help the client recognise typical hacker activities.