Back Copy 3 back
Home // Project // Storm Guidance
Security & Investigations

Storm Guidance

image

STORM Guidance: a boutique-style advisory firm helping insurers, brokers, and their customers understand and respond effectively to cyber incidents

A refreshing and much more effective approach to cyber risk and incident management.

//overview_

STORM Guidance, a UK-based specialized & certified cyber risk and cyber incident advisory firm, was founded by highly experienced information security and cyber insurance experts to deliver a new, refreshing, and much more effective risk and incident management approach.

STORM Guidance stands for Strategic, Tactical & Operational Risk Management. It is a company that provides specialized tools and advisory services to aid organizations and their customers in effectively managing cyber risk at all levels. Their services offer clarity on information risks, plans for managing cyber incidents, and response coordination to investigate and recover when incidents occur. STORM Guidance has helped clients recover from various cyber incidents, including Ransomware, Business Email Compromise (BEC), Extortion, and Data Theft.

Since early 2020, we have been devoted to developing algorithms for multiple automatic operations maintaining sensitive data and solving UX issues according to the client’s needs.
As the next step in this partnership, we were trusted with the enhancements of the tool we developed for them and expanding the portfolio with additional tools for PII (private information) detections and cyber risk management.

Back Copy 3 Back Copy 3

// challenges_

A cyber breach to a cyber risk management company is no news, so data management for prevention and investigation is crucial for impeccable performance.

STORM Guidance approached us after they took over a new case of a cyber breach. As investigators whose purpose was to discover the source of the breach and determine how much (and what type) of information has been compromised, they realized their system needed some boost and optimization.

Our client used multiple tools for multiple services, which resulted in scattered data between many employees that is hard to sync. It is easy to miss important information and even easier to create data duplication, and both cases require a tedious amount of manual labour to detect and solve.

When we took over the project, one of the biggest challenges was developing algorithms for multiple automatic operations that would work on these data structures without breaking the data if the structure changed. On top of it, the system should’ve supported all users working on the data simultaneously, much like developers use GitHub to share code.

Last but not least, one of the challenges was to solve the UX problems since the client preferred the tool to be keyboard-based, similar to what they have previously used (Excel-like sheets). This was the most complex system we’ve ever built to be used (primarily) by a keyboard. 

Technical challenges

The technical challenge was to develop a platform that could support multiple roles such as Admins, Investigators, and Analysts.
Also, we needed to develop a system tailored to be used mostly by keyboard input. For this platform, we needed to implement security layers and main investigation tool with case management, user management, and reporting.

Back Copy 3
Back Copy 3

// solution_

The tool we built was able to import data from different platforms, combine it persistently and securely, and enable the agents to work on this data simultaneously without creating conflicts or blocking anybody from doing their job. At the same time, the tool tracks the source of all information in the system while masking all sensitive information and keeping a detailed audit of all actions (user's or automated) in the system. Our solution works with customized, dynamic, and flexible data structures.

// PYTHON/DJANGO // SCRIPTING // HTML / JAVASCRIPT / CSS // HEROKU // MONGODB // AWS SERVICES

Back-end

The back-end was developed in Python/Django. Superb technology for fast MVPs development. It helped Storm Guidance get a working product quickly to start using it internally and apply feedback. The application is a monolithic solution using Heroku as a host. We also use additional tools for generating reports and managing complex scheduling tasks.

Front-end

The frontend was developed using Django and JavaScript. The web application consists of data manipulation tools, reporting services, and multiple roles such as admins, investigators, reviewers, and other roles.

On-site visits and project kick-off and preparations

Project tasks breakdown

Milestone definition and time plan created.

Development started

Estimated approx. 9 months of development in iterations with team of 3 members First usable demo was out within 3 months.

STORM Guidance took time to do business assessment and future planning

Feedback from the client on new requirements, enhancements, and upgrades

Team visit to Mauritius and client visit in Macedonia for a In-person touchbase

New scope definition and planning take place

The same team is allocated to the clients again.

Product released for the client’s usage

Onboarded and trained team of admins, investigators and analysts.

New technical solutions were introduced to speed up client’s work and enhance their business potential

Plans for future and continuous collaboration

Team Formation

The realisation of the project was made possible with the team taking care of the complete product development, UI/UX, and software development in close collaboration with STORM Guidance.

Todor Panev

SINGLE POINT OF CONTACT
image Schedule a call
// PROJECT MANAGEMENT // DEVELOPMENT [BACKEND; FRONTEND] // UI/UX AND DESIGN // DEVOPS // QA

//results _

The solution received favorable feedback and acceptance from the employees that used it. They found it easy to use – simple enough, so they didn’t have downtime to learn a new tool, yet more modern and with more functionalities than their previous platform. The overall impression was that work is done faster and with fewer mistakes, and they spend less time reviewing and double-checking what is done. The client can now cover more active investigations with the same number of agents and finish those investigations quicker. 

We achieved a functional platform for our client by applying diverse expertise that covered backend, frontend, scripting, AWS, and DevOps). We reached a higher business understanding during the process due to the proactivity when discussing requirements/specifications. The client was happy with the ideas and opinions we shared.

 

image

"The detail into which they go for testing stands out. They’re also quite responsive whenever we raise a point. Delivering enhanced information regarding the extent and point of origin of cyberattacks, Web Factory LLC managed a successful project. Future clients will encounter a responsive, testing-focused partner."

image
// view on clutch
image

Narayan Gangalaramsamy

DIRECTOR OF OPERATIONS OF STORM GUIDANCE

STORM Guidance United Kingdom
>

Project highlights

1.

Onsite visits in Skopje and Mauritius with the team, discussing ideas, solutions and new approaches

2.

Team training for migration from using excel to using our software for the first time - they were able to work together at the same time instead of working separately and then merge their work

3.

The activation of first AI automated process on big data. Hundreds of human hours of productivity gained/saved

What about your story? Explore different customer touchpoints to digitalize! Drive brand loyalty by telling a digital story unlike any other before!
Contact us!

  • This website uses cookies to ensure you get the best experience on our website.

    Learn More
    Got it!