An energy infrastructure firm, with a focus on terminaling services and Crude by Rail, launched an initial public offering in 2014. As a result, the firm faced an increase in regulatory disclosures and public interest, leading to a significant escalation in cyber-attacks. The client fell victim to a complex social engineering and phishing scheme that allowed hackers to get away with tens of thousands of dollars. Trenegy was engaged to help the client implement cybersafety controls to mitigate this type of risk.
Trenegy responded to this challenge by documenting the client’s current systems architecture and creating a risk map. With the client’s involvement, Trenegy then performed a cyber risk assessment,, which revealed several pervasive risks, that if left unaddressed, would allow for similar penetrations to occur. To mitigate these risks, Trenegy worked with the client to define and implement procedures, policies, and refined processes. To improve governance over the accounting, finance and business development departments, and to facilitate a successful handoff, Trenegy recommended and assisted the client with filling the position of IT Risk Manager.
The client has not been successfully hacked since the implementation of the cybersafety controls. They have been able to use Trenegy’s training and support deliverables to sustain a high level of vigilance across all of their functions. The Board of Directors were pleased with the results and the CAO and CFO plan to use Trenegy for any future projects.
According to the CFO, “Trenegy did a first class job of identifying our control risks and helped us to design controls that are both manageable and practical, while streamlining our business processes.”