Legal services case study

Acquisitions without due diligence can lead to catastrophic data breaches. With QOMPLX’s unmatched, always-on, pre-acquisition and cybersecurity due diligence support, clients can aggressively grow with the ability to make risk-based decisions.

Download the case study to learn more

Challenge

Mossack Fonesca suffered a catastrophic data breach in 2016 when an anonymous source leaked 11.5 million files from the Panama-based law firm’s 200,000 clients, including prominent politicians, secretive firms, and wealthy individuals.

Experts found that the firm had not encrypted emails, was running outdated and vulnerable software, its network architecture was insecure, and its content management system had not been secured from SQL injection.

When one of the world’s top law firms saw what happened at Mossack Fonesca, they knew they couldn’t afford a similar fate.

Solution

QOMPLX installed a global cybersecurity strategy to support the firm’s acquisition-based growth initiatives that included:

• A sustainable M&A risk program to identify and fix exposures in acquisition targets: Scan and assess the client and its third party target’s internal and external cybersecurity assets and postures
• Minimizing mess with Privilege Assurance: Map trusts, spot configuration weaknesses, identify stale accounts and over permissioned accounts
• Protecting authentication with Identity Assurance: Spot attacks on any of the client’s Domain Controllers and member servers
• Gaining insights: Visibility into the Windows Event Log data to complement Privilege Assurance and Identity Assurance

Impact

Since first launching the three-part, pre-acquisition cybersecurity due diligence program for its client in 2019, QOMPLX has monitored the security posture of its client and the client’s acquisitions 24x7.

QOMPLX provided unmatched, always-on pre-acquisition and cybersecurity due diligence support that allowed the client to grow with the ability to make risk-based decisions aggressively.