Shareholder ERIC WRIGHT has been involved with Information Technology with Schneider Downs since 1983 and oversees the firm’s thriving Technology Consulting and IT Audit & Compliance practices. Through this role, Eric brings extensive experience in assessing IT infrastructure and identifying cybersecurity risk and exposure.
One of our clients felt fairly good about their existing cybersecurity defenses. But they were still afraid of the unknown and newer cyber attack techniques. Through our regular audit procedures, we inquired about their current cyber controls and their confidence in withstanding an attack. We then performed a network penetration test which simulates an external adversary hacking their network. This procedure identified the client’s unknown weaknesses in their defenses through a live test.
“Within 48 hours, we were able to guess the passwords of close to 10% of their employees, effectively giving us VPN access to their corporate network and certain employee utilities, like email.” Eric said. “We also found that their corporate intranet site was visible over the internet and susceptible to login via the bad passwords. After identifying these issues, we worked with the client to make significant changes to their environment to make it harder for an attacker to break in.”
Schneider Downs provides Big Thinking and Personal Focus in delivering a variety of services for large and small businesses, both publicly and privately held, as well as nonprofit organizations, government entities and more. Through our commitment to thought leadership and knowledge management, we deliver the solutions our clients need with a personal commitment to service.