They discovered that certain
customer data had been lost.
Amber Wealth
A Case Study
A
mber (Amber Wealth
Advisors) is a Bengaluru-
headquartered financial
advisory firm started by
two erstwhile technology
professionals from the wealth
management industry. Initially
formed to fulfil the needs
of high-income software
professionals, Amber’s current
customer base includes high
income salaried and self-
employed professionals from
all professions.
Built by technology
professionals, Amber was one
of the first companies to use
data analytics and AI for its
recommendations and led the
industry in automating many
of the business processes.
Despite its technology maturity,
Amber sold primarily face-
to-face and advised mostly
through face-to-face and
telephonic interactions, by
design. CEO Animesh Goyal
thought technology was used
in the front-end by many just to
enhance efficiency, often at the
cost of quality services. Amber
wanted to avoid that.
Amber used its first-round
funding in 2014 to enter the
tax advisory space which its
clientele badly needed and
did not get from the traditional
advisors. This required more
volume play and Amber went
online for serving this segment.
This was made possible by
the acquisition of an online
distributor of financial products,
which expanded its portfolio.
Most of Amber’s original
IT was on-premises. After
acquiring four companies,
©2021. CIO&Leader [Confidential: For private circulation only]
some of which were born
on cloud, Amber too has
moved a significant portion
to public cloud. Because of
its acquisitions, today, Amber
has presence in both AWS and
Azure even though majority of
its IT is still on-premises. It has
two data centers in Mumbai
and Hyderabad. It had built a
basic Security Operation Center
in Bengaluru.
The Pandemic
Challenge
As the pandemic hit in March
2020, Amber faced a serious
challenge. A lot of its selling
and advisory was face-to-face,
supported by phone. But in the
post-pandemic scenario, that
was not possible.
All the people who dealt with
customers – Sales, Customer
Services and Advisory Services
– had to work remotely from
home. That is when Amber
faced a series of attacks –
between September 2020 to
January 2021. By October, some
of the staff—and almost all IT
staff, including at the SOC – had
started working from office.
They managed to minimize the
impact.
However, the second wave
in April-May 2021 forced them
to work from home again. And
there was a massive attack
in June this year. As they
were even figuring out what
had happened, some of the
services crashed completely.
And as their own security team
and the outsourced IT support
team worked on it, it slowed
the services, shutting some.
Two external consultants who
were hired had differing opinion
about the cause of the attack.
One said it was a normal SQL
injection attack, while the other
claimed that it was a far more
sophisticated botnet attack,
powered by AI.
CIO Asit Agnihotri and his
team were sure that had they
been physically present in the
SOC at the time of attack, they
could have probably done a
better job. They had not been
used to tackle virtually when an
attack was actually happening.
CEO Animesh, who had built
the company of his dream
based on highly personalized
service and trust, was hugely
upset that such a big attack
happened. But being a tech
person, he knew that online
business, remote work, and
such sophisticated human-led
attacks are here to stay.
He wanted an assessment
and a holistic solution that
would work in such cases,
where security attacks can
be detected early, can be
tackled in real-time based on
how the attack unfolds, and
can be done even when not
all security professionals are
sitting in one center, something
that is becoming highly likely
amidst the uncertainty of the
pandemic.
Your
Task
Your task is to suggest a
solution for Amber using
the tools, technologies
and services that have
been presented to you
today.