Prevention of cyber attacks with audit and awareness training

terreActive audited and made the regional Bank SLM more aware of digital vulnerabilities

Attacks on websites and web applications, and the loss of confidential client data are threatening scenarios for any company. This is why Bank SLM had its web applications audited. In Addition, It asked terreActive to prepare the bank's employees for various risk scenarios using simulated attacks in the form of phishing.

A Flashback to May 2017:
The regional bank SLM from Münsingen (between Berne and Thun) faces two important milestones: an optimized website is launched together with a new partner. At the same time, a new web application for managing customer events is rolled out. Two changes that pose an imminent risk of cyber attacks.

 

Multi-stage approach

  • Technology - a week point: penetration test
  • Humans - a week point: Phishing

Tools in use: LUCYSoftware made in Switzerland

Prevention instead of reaction: More information about the project goals, the procedure and the findings can be found in the PDF reference report.
 

The targeted phishing attack as part of the security awareness campaign was an educational experience for all of us. Thanks to this example of social engineering, we know what an attack might look like, meaning that we are prepared for it.


Fabio Semadeni
Head of Services
Bank SLM