Grant Thornton Cyber Defence Centre helps businesses fight back against costly attacks

Facing the combined forensic accountancy investigation skills of Grant Thornton with cutting-edge artificial intelligence was always going to be a match made in hell for cybercriminals, who must now contend with the company’s new Cyber Defence Centre.

Offering a unified Security Operations Centre, as well as endpoint detection and response capability, the Cyber Defence Centre has boosted Grant Thornton’s data breach response work, delivering a tenfold increase in response time to incidents, improving cost efficiency and reducing risk to clients.

With 96% of UK businesses having fallen foul of a damaging cyberattack in the past year, innovation in this area is crucial — making Grant Thornton a worthy addition as a cyber innovation pacesetter in Tech Monitor‘s inaugural Technology Leaders Index.

The challenge for the project team, led by Vijay Rathour, a former lawyer, hacker and cyber consultant, was to combine three technologies that typically exist in discrete silos — incident response, cyber consulting (pre- and post-breach), and emerging technologies, such as linguistic analysis and entity extraction.

The platform also brings on-board the company’s forensic capabilities in bitcoin and other cryptocurrencies, and its ability to conceptually analyse millions of documents. This means business risks to the breached client can be communicated quickly and clearly, spelling the likely commercial harm and customer damage resulting from a breach, rather than presenting it in terms of generic data volumes. All parties can then work proactively to manage the likes of regulatory fines and reputational damage, significantly reducing the impact of an attack.

Other technologies deployed as part of GT’s investigative approach include robotic process automation entity analysis and communication pattern analysis, and the company’s close relationship with the regulators has helped it pre-empt their requirements and manage breach fines down, as well as promoting proactive data hygiene rather than just waiting until an attack to take action.