Search
Close this search box.

Grimshaw Global

Share:

The aim of this engagement was to test the integrity of Grimshaw Global’s security architecture by attempting to discover and exploit any vulnerabilities on the Grimshaw Global network infrastructure.

Gridware was also asked to determine the likelihood of an attacker gaining unauthorised access to the network.

Background

Grimshaw Global is an international architectural firm which covers all major sectors and has been honoured with over 200 international design awards for its commitment to design excellence. The company’s work is characterised by strong conceptual legibility, innovation and a rigorous approach to detailing, all underpinned by the principles of humane, enduring and sustainable design. The practice is dedicated to the deepest level of involvement in the design of its buildings in order to deliver projects which meet the highest possible standards of excellence. In order to continue delivering meaningful designs that bring value and joy to their clients while implementing the highest level of cybersecurity controls, Grimshaw Global engaged Gridware for a Network Security Penetration Test.

Challenge

Operating globally and employing over 600+ staff comes with significant challenges. One of the difficulties associated with having offices globally means that malicious threat actors are presented with multiple points of entry. In addition, the organisation works with several larger clients who increasingly look for partners/suppliers who share the same level of concern relating to cybersecurity.

Many clients now require cybersecurity reports to be filled out before signing up with the organisation. The IT team needed to make sure they could complete these questionnaires confidently, knowing that they had addressed any vulnerabilities found.

While Grimshaw Global already had some capabilities to assess their own applications’ security, they also needed to ensure that their security solutions are up to industry standards. Grimshaw Global sought an external cyber security vendor in Gridware that could identify any potential security vulnerabilities and offer solutions.

The Solution

The IT Manager established that an annual Penetration Test was needed to assure customers that security was always a focus. In line with best practice, they looked to move to a different provider to ensure that a range of tests were conducted to unearth any new vulnerabilities. The Penetration Testers work completely independently of the account management team, so they have a fresh perspective when undertaking a new test. Prior to the start date the Testing team undertake a project review of the scope to establish what parts of the network need to be tested and any specific timeframes that need to be considered (e.g. out of hours).

The Penetration Testers did a full range of tests utilising the most up to date tools and technology. This included both automated Vulnerability Scanning and manual Penetration Testing.

Once the testing was completed, detailed reports were compiled that highlighted all vulnerabilities present within the network. Each vulnerability was assigned a rating from critical, high, medium or low, allowing the organisation to address any issues in a systematic way, dealing with the most important vulnerabilities first.

Once the client has confirmed that all vulnerabilities have been addressed, Gridware conducts a re-verification test to confirm that all changes have been made correctly.

The Outcome

The whole test was delivered on time and with no disruption caused to the business, which meant the remediation stage could begin immediately. The IT team were keen to address the vulnerabilities in-house as quickly as possible to reduce their exposure to any external threat actors.

The tests have allowed the company to maintain their regulatory compliance and provided added confidence to prospective clients.

Contact

Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Company

Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →

Services

Services

Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl
360

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution

Resources

Resources

A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →