SlideShare ist ein Scribd-Unternehmen logo

Practice Consulting Case

W
Waina Landauro

Help 404 Society overcome their business problems. This presentation includes the introduction prompt and a step-by-step method to solve the case.

Bildung
1 von 8
Downloaden Sie, um offline zu lesen
Practice Consulting Case: Society 404 By Waina Landauro, IESE MBA
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 2 IESE Consulting Club Case: Cybercrime Syndicate (1/7) ● Interviewee led (primarily) ● Revenue increase ● Cybersecurity industry Case Prompt 404 Society, a cybercrime underground organisation, makes money from hacking companies. It either extorts money from blocking access to computer systems (ransomwares) or sells its service for corporate espionage. The leader has come to you to help him grow his business. There are lots of hacking products and targets available and the group is confused about which sector to focus on and which products to use to grow the revenues of the business. Clarifying Answers ● The company focused on the Industry sector as their IT systems are usually less protected and is an easier target ● Ransomware extortion cost $50k to develop and can be used for 3 months. Every successful attack brings $10k to 404 ● Corporate espionage costs $100k of development each time but brings back $350k to 404. ● 404 usually pays a 40% commission fee to its agents who successfully performs the attacks ● The market is huge, so competition does not really matter ● 404 Society finds its clients through Dark Web Marketplaces and is paid in cryptocurrencies (Monero) ● The ransomwares have a life cycle. After a while, they become useless and need to be replaced by another updated tool. ● 404 society performed 120 Ransomware attacks and 50 corporate espionage last year all in the industry sector. ● 404 society has the same capacity for numbers of attacks from year to year.
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 3 IESE Consulting Club Case: Cybercrime Syndicate (2/7) Interviewer Guide This is a case that the candidate will need to lead with the use of questioning. The goal of the case is to determine the best product-market fit to boost the revenues of the company. Guide the candidate with answering clarifying questions. The ideal candidates will understand that they need to calculate the revenues of 404 Society First. After being shown exhibit #1, a strong candidate will quickly interpret the cost structure table. The best candidates will include the agent’s salaries and understand the lifecycle cost without being prompted. The best candidates will also quickly compare the current total costs of the company and the costs of investing in Banking attacks. Banking attacks are not possible because they require much more capital. An excellent candidate will realise at question #3 that Espionage is much more profitable than ransomware attacks. Thus the new hires should be placed in the espionage department. An outstanding candidate will see that there is no point on wasting resources on ransomware and will propose to shut it down to only focus only on Espionage. Finally, an outstanding candidate will mention cryptocurrencies and legal aspects of the business as being major risks and will offer creative solutions to mitigate those risks. Timeline 1) Calculate the current revenues of 404 Society 2) Using prompt #1 and Exhibit #1, calculate the margins with Ransomware and Corporate Espionage 3) Make a recommendation on which industry and which product to focus on 4) Using prompt #2 and Exhibit #2, calculate the revenue per agent and make a recommendation 5) Make qualitative suggestions
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 4 IESE Consulting Club Case: Cybercrime Syndicate (3/7) Question #1 What is the current profit of 404 Society? Solution #1 ● Total Costs = 4*50 + 50*(100) = 200 + 5000 = 5200 ● Total revenues = (120*10) + (50*350) = 18700 ● Profit = (120*10)-(4*50) + 50*(350-100) = 13500 → 40% of salaries → 13500*0.6= 8100
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 5 IESE Consulting Club Case: Cybercrime Syndicate (4/7) Question #2 Which industry and which Ransomware should 404 Society focus on to increase their profitability? How much more profit can 404 society increase with your recommendation? (show Exhibit 1) Solution #2 ● Margins from Corporate Espionage ○ Banking = 2*6000 - 20000 = €8M ○ IT = 3*3000 - 6000 = €-3M ○ Industry = 350 - 100 = €250k ○ Energy = 300 - 150/(0.7) = €85k ○ Retail = 50 - 100 = €50k Industry is the most profitable sector for corporate espionage Solution is not Banking. Even though it is the most profitable option, 404 society only invests 5M in development, not enough for the banking option. (Which requires 12M) ● Margins from Ransomware: ○ COVID-19 = (120*10) - 4*50 = (120*10) - 200 = 1000 ○ COVID-20 = (120*10) - 2*120 = (120*10) - 240 = 960 ○ COVID-21 = (120*10) - 6*30 = (120*10) - 180 = 1020 COVID 21 is the most profitable Ransomware
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 6 IESE Consulting Club Case: Cybercrime Syndicate (5/7) Question #3 404 Society is looking to hire 3 more agents. In which department should the company hire those 3 agents? (Show exhibit 2) Solution #3 ● Profit per Agent: Ransomware ○ 120/3 = 40 attacks per agent ○ Cost per Attack = 4*50k / 120 = 1,667k ○ Profit per Attack = 10k - 1.66k = 8.33k ○ Profit per agent = 40*(8.33)= $333k ● Profit per Agent: Espionage ○ 50/10 = 5 attacks per agent ○ Profit per Agent = 5*(350-100) = 5*250= $1250k Espionage is much more profitable than Ransomware attacks. The new recruits should be hired in the Espionage department. The ideal candidate will identify an opportunity to close the ransomware department and transfer all the agents to Espionage
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 7 IESE Consulting Club Case: Cybercrime Syndicate (6/7) Question #4 How else could 404 Society grow revenues? What risks are there to the sustainability of the business? Solution #4 This is the qualitative part of the case, the candidate is supposed to reflect on creative ways to improve revenues. Reflections can include the following: ● Recruit more agents to perform more attacks ● Negotiate better commission (less than 40%) ● Improve the efficiency of development (reduce costs) ● Offer more efficient money laundering scheme (cryptocurrencies are volatile) ● Speculate on crypto-currencies and/or mine them ● Find other revenue channels (ethical hacking, security consulting, government services, spam, credit card theft, identify theft, etc…) ● Contingency plan if getting caught
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 8 IESE Consulting Club Case: Cybercrime Syndicate (7/7) Exhibit #1 CORPORATE ESPIONAGE Industry Revenue per attack (k€) Cost per Attack (k€) Success Rate Banking 20000 6000 50% Tech/IT 6000 3000 33% Industry 350 100 100% Energy 300 150 70% Retail 100 50 100% RANSOMWARE Name LifeCycle Revenue per attack (k€) Cost of Dev (k€) Success Rate COVID-19 3 months 10 50 100% COVID-20 6 months 10 120 100% COVID-21 2 months 10 30 100% Exhibit #2 COMPANY ORGANISATION Department # of AGENTS # of Attacks per year RANSOMWARE 3 120 ESPIONAGE 10 50 Cost Structure of 404 Society Current Organisational Structure

Empfohlen

AssetManagers
AssetManagersAssetManagers
AssetManagersEamonn Ryan
 
FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016FERMA
 
Daisy Präsentation
Daisy PräsentationDaisy Präsentation
Daisy PräsentationAlois Thöni
 
Cyber Security Challenges and Strategies
Cyber Security Challenges and StrategiesCyber Security Challenges and Strategies
Cyber Security Challenges and StrategiesTom Freer
 
Interview with Mr
Interview with MrInterview with Mr
Interview with MrDemetrios Zamboglou Chartered FCSI
 
Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Bala Guntipalli ♦ MBA
 
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdfAlliance Recruitment Agency - Staffing Agency In California, Esplanade Avenue, Pacifica, CA, USA
 
Tech M&A Monthly: Q1 Report 2017 – New Buyers and Valuations
Tech M&A Monthly: Q1 Report 2017 – New Buyers and ValuationsTech M&A Monthly: Q1 Report 2017 – New Buyers and Valuations
Tech M&A Monthly: Q1 Report 2017 – New Buyers and ValuationsCorum Group
 

Empfohlen

AssetManagers
AssetManagersAssetManagers
AssetManagersEamonn Ryan
 
FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016FERMA
 
Daisy Präsentation
Daisy PräsentationDaisy Präsentation
Daisy PräsentationAlois Thöni
 
Cyber Security Challenges and Strategies
Cyber Security Challenges and StrategiesCyber Security Challenges and Strategies
Cyber Security Challenges and StrategiesTom Freer
 
Interview with Mr
Interview with MrInterview with Mr
Interview with MrDemetrios Zamboglou Chartered FCSI
 
Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Bala Guntipalli ♦ MBA
 
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdfAlliance Recruitment Agency - Staffing Agency In California, Esplanade Avenue, Pacifica, CA, USA
 
Tech M&A Monthly: Q1 Report 2017 – New Buyers and Valuations
Tech M&A Monthly: Q1 Report 2017 – New Buyers and ValuationsTech M&A Monthly: Q1 Report 2017 – New Buyers and Valuations
Tech M&A Monthly: Q1 Report 2017 – New Buyers and ValuationsCorum Group
 
Cyber Risks - Maligec and Eskins
Cyber Risks - Maligec and EskinsCyber Risks - Maligec and Eskins
Cyber Risks - Maligec and EskinsChristine Maligec, CRM-E, CRIS
 
White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...Selling to Zebras, LLC
 
Bitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursBitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursPeter Szymanski
 
UE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyUE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyPeter Szymanski
 
Predictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesPredictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesAaron Ross
 
Opportunities in CyberSecurity
Opportunities in CyberSecurityOpportunities in CyberSecurity
Opportunities in CyberSecurityDonagh Kiernan
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensaakash malhotra
 
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...EMC
 
Sales is both an art and a science
Sales is both an art and a scienceSales is both an art and a science
Sales is both an art and a scienceJohn Nanno
 
2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly Report2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly ReportCorum Group
 
E-Business.docx
E-Business.docxE-Business.docx
E-Business.docxsmumbahelp
 
Soal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdSoal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdRosa Williams
 
Donna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTDonna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTRamon Ray
 
Covered Calls Probability Program
Covered Calls Probability ProgramCovered Calls Probability Program
Covered Calls Probability ProgramAneissa
 
Covered Calls Probability Program 2
Covered Calls Probability Program 2Covered Calls Probability Program 2
Covered Calls Probability Program 2kingdog05
 
4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon BradyStarttech Ventures
 
Startup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesStartup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesTatiana Siyanko
 
Start up valuation methods
Start up valuation methodsStart up valuation methods
Start up valuation methodsMamoon Ismail Khalid
 
Competing in a Social Economy
Competing in a Social Economy Competing in a Social Economy
Competing in a Social Economy Alan See
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"National Information Standards Organization (NISO)
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 

Weitere ähnliche Inhalte

Ähnlich wie Practice Consulting Case

White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...Selling to Zebras, LLC
 
Bitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursBitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursPeter Szymanski
 
UE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyUE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyPeter Szymanski
 
Predictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesPredictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesAaron Ross
 
Opportunities in CyberSecurity
Opportunities in CyberSecurityOpportunities in CyberSecurity
Opportunities in CyberSecurityDonagh Kiernan
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensaakash malhotra
 
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...EMC
 
Sales is both an art and a science
Sales is both an art and a scienceSales is both an art and a science
Sales is both an art and a scienceJohn Nanno
 
2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly Report2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly ReportCorum Group
 
E-Business.docx
E-Business.docxE-Business.docx
E-Business.docxsmumbahelp
 
Soal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdSoal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdRosa Williams
 
Donna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTDonna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTRamon Ray
 
Covered Calls Probability Program
Covered Calls Probability ProgramCovered Calls Probability Program
Covered Calls Probability ProgramAneissa
 
Covered Calls Probability Program 2
Covered Calls Probability Program 2Covered Calls Probability Program 2
Covered Calls Probability Program 2kingdog05
 
4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon BradyStarttech Ventures
 
Startup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesStartup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesTatiana Siyanko
 
Competing in a Social Economy
Competing in a Social Economy Competing in a Social Economy
Competing in a Social Economy Alan See
 

Ähnlich wie Practice Consulting Case (19)

Cyber Risks - Maligec and Eskins
Cyber Risks - Maligec and EskinsCyber Risks - Maligec and Eskins
Cyber Risks - Maligec and Eskins
 
White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...
 
Bitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursBitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for Entrepreneurs
 
UE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyUE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon Valley
 
Predictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesPredictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound sales
 
Opportunities in CyberSecurity
Opportunities in CyberSecurityOpportunities in CyberSecurity
Opportunities in CyberSecurity
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lens
 
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
 
Sales is both an art and a science
Sales is both an art and a scienceSales is both an art and a science
Sales is both an art and a science
 
2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly Report2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly Report
 
E-Business.docx
E-Business.docxE-Business.docx
E-Business.docx
 
Soal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdSoal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 Sd
 
Donna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTDonna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPT
 
Covered Calls Probability Program
Covered Calls Probability ProgramCovered Calls Probability Program
Covered Calls Probability Program
 
Covered Calls Probability Program 2
Covered Calls Probability Program 2Covered Calls Probability Program 2
Covered Calls Probability Program 2
 
4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady
 
Startup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesStartup Valuation: from early to mature stages
Startup Valuation: from early to mature stages
 
Start up valuation methods
Start up valuation methodsStart up valuation methods
Start up valuation methods
 
Competing in a Social Economy
Competing in a Social Economy Competing in a Social Economy
Competing in a Social Economy
 

Kürzlich hochgeladen

microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...RKavithamani
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 

Kürzlich hochgeladen (20)

microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 

Practice Consulting Case

  • 1. Practice Consulting Case: Society 404 By Waina Landauro, IESE MBA
  • 2. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 2 IESE Consulting Club Case: Cybercrime Syndicate (1/7) ● Interviewee led (primarily) ● Revenue increase ● Cybersecurity industry Case Prompt 404 Society, a cybercrime underground organisation, makes money from hacking companies. It either extorts money from blocking access to computer systems (ransomwares) or sells its service for corporate espionage. The leader has come to you to help him grow his business. There are lots of hacking products and targets available and the group is confused about which sector to focus on and which products to use to grow the revenues of the business. Clarifying Answers ● The company focused on the Industry sector as their IT systems are usually less protected and is an easier target ● Ransomware extortion cost $50k to develop and can be used for 3 months. Every successful attack brings $10k to 404 ● Corporate espionage costs $100k of development each time but brings back $350k to 404. ● 404 usually pays a 40% commission fee to its agents who successfully performs the attacks ● The market is huge, so competition does not really matter ● 404 Society finds its clients through Dark Web Marketplaces and is paid in cryptocurrencies (Monero) ● The ransomwares have a life cycle. After a while, they become useless and need to be replaced by another updated tool. ● 404 society performed 120 Ransomware attacks and 50 corporate espionage last year all in the industry sector. ● 404 society has the same capacity for numbers of attacks from year to year.
  • 3. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 3 IESE Consulting Club Case: Cybercrime Syndicate (2/7) Interviewer Guide This is a case that the candidate will need to lead with the use of questioning. The goal of the case is to determine the best product-market fit to boost the revenues of the company. Guide the candidate with answering clarifying questions. The ideal candidates will understand that they need to calculate the revenues of 404 Society First. After being shown exhibit #1, a strong candidate will quickly interpret the cost structure table. The best candidates will include the agent’s salaries and understand the lifecycle cost without being prompted. The best candidates will also quickly compare the current total costs of the company and the costs of investing in Banking attacks. Banking attacks are not possible because they require much more capital. An excellent candidate will realise at question #3 that Espionage is much more profitable than ransomware attacks. Thus the new hires should be placed in the espionage department. An outstanding candidate will see that there is no point on wasting resources on ransomware and will propose to shut it down to only focus only on Espionage. Finally, an outstanding candidate will mention cryptocurrencies and legal aspects of the business as being major risks and will offer creative solutions to mitigate those risks. Timeline 1) Calculate the current revenues of 404 Society 2) Using prompt #1 and Exhibit #1, calculate the margins with Ransomware and Corporate Espionage 3) Make a recommendation on which industry and which product to focus on 4) Using prompt #2 and Exhibit #2, calculate the revenue per agent and make a recommendation 5) Make qualitative suggestions
  • 4. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 4 IESE Consulting Club Case: Cybercrime Syndicate (3/7) Question #1 What is the current profit of 404 Society? Solution #1 ● Total Costs = 4*50 + 50*(100) = 200 + 5000 = 5200 ● Total revenues = (120*10) + (50*350) = 18700 ● Profit = (120*10)-(4*50) + 50*(350-100) = 13500 → 40% of salaries → 13500*0.6= 8100
  • 5. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 5 IESE Consulting Club Case: Cybercrime Syndicate (4/7) Question #2 Which industry and which Ransomware should 404 Society focus on to increase their profitability? How much more profit can 404 society increase with your recommendation? (show Exhibit 1) Solution #2 ● Margins from Corporate Espionage ○ Banking = 2*6000 - 20000 = €8M ○ IT = 3*3000 - 6000 = €-3M ○ Industry = 350 - 100 = €250k ○ Energy = 300 - 150/(0.7) = €85k ○ Retail = 50 - 100 = €50k Industry is the most profitable sector for corporate espionage Solution is not Banking. Even though it is the most profitable option, 404 society only invests 5M in development, not enough for the banking option. (Which requires 12M) ● Margins from Ransomware: ○ COVID-19 = (120*10) - 4*50 = (120*10) - 200 = 1000 ○ COVID-20 = (120*10) - 2*120 = (120*10) - 240 = 960 ○ COVID-21 = (120*10) - 6*30 = (120*10) - 180 = 1020 COVID 21 is the most profitable Ransomware
  • 6. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 6 IESE Consulting Club Case: Cybercrime Syndicate (5/7) Question #3 404 Society is looking to hire 3 more agents. In which department should the company hire those 3 agents? (Show exhibit 2) Solution #3 ● Profit per Agent: Ransomware ○ 120/3 = 40 attacks per agent ○ Cost per Attack = 4*50k / 120 = 1,667k ○ Profit per Attack = 10k - 1.66k = 8.33k ○ Profit per agent = 40*(8.33)= $333k ● Profit per Agent: Espionage ○ 50/10 = 5 attacks per agent ○ Profit per Agent = 5*(350-100) = 5*250= $1250k Espionage is much more profitable than Ransomware attacks. The new recruits should be hired in the Espionage department. The ideal candidate will identify an opportunity to close the ransomware department and transfer all the agents to Espionage
  • 7. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 7 IESE Consulting Club Case: Cybercrime Syndicate (6/7) Question #4 How else could 404 Society grow revenues? What risks are there to the sustainability of the business? Solution #4 This is the qualitative part of the case, the candidate is supposed to reflect on creative ways to improve revenues. Reflections can include the following: ● Recruit more agents to perform more attacks ● Negotiate better commission (less than 40%) ● Improve the efficiency of development (reduce costs) ● Offer more efficient money laundering scheme (cryptocurrencies are volatile) ● Speculate on crypto-currencies and/or mine them ● Find other revenue channels (ethical hacking, security consulting, government services, spam, credit card theft, identify theft, etc…) ● Contingency plan if getting caught
  • 8. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 8 IESE Consulting Club Case: Cybercrime Syndicate (7/7) Exhibit #1 CORPORATE ESPIONAGE Industry Revenue per attack (k€) Cost per Attack (k€) Success Rate Banking 20000 6000 50% Tech/IT 6000 3000 33% Industry 350 100 100% Energy 300 150 70% Retail 100 50 100% RANSOMWARE Name LifeCycle Revenue per attack (k€) Cost of Dev (k€) Success Rate COVID-19 3 months 10 50 100% COVID-20 6 months 10 120 100% COVID-21 2 months 10 30 100% Exhibit #2 COMPANY ORGANISATION Department # of AGENTS # of Attacks per year RANSOMWARE 3 120 ESPIONAGE 10 50 Cost Structure of 404 Society Current Organisational Structure