SlideShare una empresa de Scribd logo

Practice Consulting Case

W
Waina Landauro

Help 404 Society overcome their business problems. This presentation includes the introduction prompt and a step-by-step method to solve the case.

Educación
1 de 8
Descargar para leer sin conexión
Practice Consulting Case: Society 404 By Waina Landauro, IESE MBA
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 2 IESE Consulting Club Case: Cybercrime Syndicate (1/7) ● Interviewee led (primarily) ● Revenue increase ● Cybersecurity industry Case Prompt 404 Society, a cybercrime underground organisation, makes money from hacking companies. It either extorts money from blocking access to computer systems (ransomwares) or sells its service for corporate espionage. The leader has come to you to help him grow his business. There are lots of hacking products and targets available and the group is confused about which sector to focus on and which products to use to grow the revenues of the business. Clarifying Answers ● The company focused on the Industry sector as their IT systems are usually less protected and is an easier target ● Ransomware extortion cost $50k to develop and can be used for 3 months. Every successful attack brings $10k to 404 ● Corporate espionage costs $100k of development each time but brings back $350k to 404. ● 404 usually pays a 40% commission fee to its agents who successfully performs the attacks ● The market is huge, so competition does not really matter ● 404 Society finds its clients through Dark Web Marketplaces and is paid in cryptocurrencies (Monero) ● The ransomwares have a life cycle. After a while, they become useless and need to be replaced by another updated tool. ● 404 society performed 120 Ransomware attacks and 50 corporate espionage last year all in the industry sector. ● 404 society has the same capacity for numbers of attacks from year to year.
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 3 IESE Consulting Club Case: Cybercrime Syndicate (2/7) Interviewer Guide This is a case that the candidate will need to lead with the use of questioning. The goal of the case is to determine the best product-market fit to boost the revenues of the company. Guide the candidate with answering clarifying questions. The ideal candidates will understand that they need to calculate the revenues of 404 Society First. After being shown exhibit #1, a strong candidate will quickly interpret the cost structure table. The best candidates will include the agent’s salaries and understand the lifecycle cost without being prompted. The best candidates will also quickly compare the current total costs of the company and the costs of investing in Banking attacks. Banking attacks are not possible because they require much more capital. An excellent candidate will realise at question #3 that Espionage is much more profitable than ransomware attacks. Thus the new hires should be placed in the espionage department. An outstanding candidate will see that there is no point on wasting resources on ransomware and will propose to shut it down to only focus only on Espionage. Finally, an outstanding candidate will mention cryptocurrencies and legal aspects of the business as being major risks and will offer creative solutions to mitigate those risks. Timeline 1) Calculate the current revenues of 404 Society 2) Using prompt #1 and Exhibit #1, calculate the margins with Ransomware and Corporate Espionage 3) Make a recommendation on which industry and which product to focus on 4) Using prompt #2 and Exhibit #2, calculate the revenue per agent and make a recommendation 5) Make qualitative suggestions
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 4 IESE Consulting Club Case: Cybercrime Syndicate (3/7) Question #1 What is the current profit of 404 Society? Solution #1 ● Total Costs = 4*50 + 50*(100) = 200 + 5000 = 5200 ● Total revenues = (120*10) + (50*350) = 18700 ● Profit = (120*10)-(4*50) + 50*(350-100) = 13500 → 40% of salaries → 13500*0.6= 8100
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 5 IESE Consulting Club Case: Cybercrime Syndicate (4/7) Question #2 Which industry and which Ransomware should 404 Society focus on to increase their profitability? How much more profit can 404 society increase with your recommendation? (show Exhibit 1) Solution #2 ● Margins from Corporate Espionage ○ Banking = 2*6000 - 20000 = €8M ○ IT = 3*3000 - 6000 = €-3M ○ Industry = 350 - 100 = €250k ○ Energy = 300 - 150/(0.7) = €85k ○ Retail = 50 - 100 = €50k Industry is the most profitable sector for corporate espionage Solution is not Banking. Even though it is the most profitable option, 404 society only invests 5M in development, not enough for the banking option. (Which requires 12M) ● Margins from Ransomware: ○ COVID-19 = (120*10) - 4*50 = (120*10) - 200 = 1000 ○ COVID-20 = (120*10) - 2*120 = (120*10) - 240 = 960 ○ COVID-21 = (120*10) - 6*30 = (120*10) - 180 = 1020 COVID 21 is the most profitable Ransomware
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 6 IESE Consulting Club Case: Cybercrime Syndicate (5/7) Question #3 404 Society is looking to hire 3 more agents. In which department should the company hire those 3 agents? (Show exhibit 2) Solution #3 ● Profit per Agent: Ransomware ○ 120/3 = 40 attacks per agent ○ Cost per Attack = 4*50k / 120 = 1,667k ○ Profit per Attack = 10k - 1.66k = 8.33k ○ Profit per agent = 40*(8.33)= $333k ● Profit per Agent: Espionage ○ 50/10 = 5 attacks per agent ○ Profit per Agent = 5*(350-100) = 5*250= $1250k Espionage is much more profitable than Ransomware attacks. The new recruits should be hired in the Espionage department. The ideal candidate will identify an opportunity to close the ransomware department and transfer all the agents to Espionage
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 7 IESE Consulting Club Case: Cybercrime Syndicate (6/7) Question #4 How else could 404 Society grow revenues? What risks are there to the sustainability of the business? Solution #4 This is the qualitative part of the case, the candidate is supposed to reflect on creative ways to improve revenues. Reflections can include the following: ● Recruit more agents to perform more attacks ● Negotiate better commission (less than 40%) ● Improve the efficiency of development (reduce costs) ● Offer more efficient money laundering scheme (cryptocurrencies are volatile) ● Speculate on crypto-currencies and/or mine them ● Find other revenue channels (ethical hacking, security consulting, government services, spam, credit card theft, identify theft, etc…) ● Contingency plan if getting caught
A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 8 IESE Consulting Club Case: Cybercrime Syndicate (7/7) Exhibit #1 CORPORATE ESPIONAGE Industry Revenue per attack (k€) Cost per Attack (k€) Success Rate Banking 20000 6000 50% Tech/IT 6000 3000 33% Industry 350 100 100% Energy 300 150 70% Retail 100 50 100% RANSOMWARE Name LifeCycle Revenue per attack (k€) Cost of Dev (k€) Success Rate COVID-19 3 months 10 50 100% COVID-20 6 months 10 120 100% COVID-21 2 months 10 30 100% Exhibit #2 COMPANY ORGANISATION Department # of AGENTS # of Attacks per year RANSOMWARE 3 120 ESPIONAGE 10 50 Cost Structure of 404 Society Current Organisational Structure

Recomendados

AssetManagers
AssetManagersAssetManagers
AssetManagersEamonn Ryan
 
FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016FERMA
 
Daisy Präsentation
Daisy PräsentationDaisy Präsentation
Daisy PräsentationAlois Thöni
 
Cyber Security Challenges and Strategies
Cyber Security Challenges and StrategiesCyber Security Challenges and Strategies
Cyber Security Challenges and StrategiesTom Freer
 
Interview with Mr
Interview with MrInterview with Mr
Interview with MrDemetrios Zamboglou Chartered FCSI
 
Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Bala Guntipalli ♦ MBA
 
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdfAlliance Recruitment Agency - Staffing Agency In California, Esplanade Avenue, Pacifica, CA, USA
 
Tech M&A Monthly: Q1 Report 2017 – New Buyers and Valuations
Tech M&A Monthly: Q1 Report 2017 – New Buyers and ValuationsTech M&A Monthly: Q1 Report 2017 – New Buyers and Valuations
Tech M&A Monthly: Q1 Report 2017 – New Buyers and ValuationsCorum Group
 

Recomendados

AssetManagers
AssetManagersAssetManagers
AssetManagersEamonn Ryan
 
FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016FERMA European Risk and Insurance Report (ERIR) 2016
FERMA European Risk and Insurance Report (ERIR) 2016FERMA
 
Daisy Präsentation
Daisy PräsentationDaisy Präsentation
Daisy PräsentationAlois Thöni
 
Cyber Security Challenges and Strategies
Cyber Security Challenges and StrategiesCyber Security Challenges and Strategies
Cyber Security Challenges and StrategiesTom Freer
 
Interview with Mr
Interview with MrInterview with Mr
Interview with MrDemetrios Zamboglou Chartered FCSI
 
Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Internal or insider threats are far more dangerous than the external - bala g...
Internal or insider threats are far more dangerous than the external - bala g...Bala Guntipalli ♦ MBA
 
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdf
7 Key Factors to Consider When Choosing IT Recruiters in San Diego.pdfAlliance Recruitment Agency - Staffing Agency In California, Esplanade Avenue, Pacifica, CA, USA
 
Tech M&A Monthly: Q1 Report 2017 – New Buyers and Valuations
Tech M&A Monthly: Q1 Report 2017 – New Buyers and ValuationsTech M&A Monthly: Q1 Report 2017 – New Buyers and Valuations
Tech M&A Monthly: Q1 Report 2017 – New Buyers and ValuationsCorum Group
 
Cyber Risks - Maligec and Eskins
Cyber Risks - Maligec and EskinsCyber Risks - Maligec and Eskins
Cyber Risks - Maligec and EskinsChristine Maligec, CRM-E, CRIS
 
White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...Selling to Zebras, LLC
 
Bitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursBitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursPeter Szymanski
 
UE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyUE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyPeter Szymanski
 
Predictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesPredictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesAaron Ross
 
Opportunities in CyberSecurity
Opportunities in CyberSecurityOpportunities in CyberSecurity
Opportunities in CyberSecurityDonagh Kiernan
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensaakash malhotra
 
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...EMC
 
Sales is both an art and a science
Sales is both an art and a scienceSales is both an art and a science
Sales is both an art and a scienceJohn Nanno
 
2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly Report2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly ReportCorum Group
 
E-Business.docx
E-Business.docxE-Business.docx
E-Business.docxsmumbahelp
 
Soal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdSoal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdRosa Williams
 
Donna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTDonna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTRamon Ray
 
Covered Calls Probability Program
Covered Calls Probability ProgramCovered Calls Probability Program
Covered Calls Probability ProgramAneissa
 
Covered Calls Probability Program 2
Covered Calls Probability Program 2Covered Calls Probability Program 2
Covered Calls Probability Program 2kingdog05
 
4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon BradyStarttech Ventures
 
Startup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesStartup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesTatiana Siyanko
 
Start up valuation methods
Start up valuation methodsStart up valuation methods
Start up valuation methodsMamoon Ismail Khalid
 
Competing in a Social Economy
Competing in a Social Economy Competing in a Social Economy
Competing in a Social Economy Alan See
 
Application of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matricesApplication of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matricesRased Khan
 
Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Mohamed Rizk Khodair
 
Benefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational ResourcesBenefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational Resourcesdimpy50
 

Más contenido relacionado

Similar a Practice Consulting Case

White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...Selling to Zebras, LLC
 
Bitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursBitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursPeter Szymanski
 
UE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyUE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyPeter Szymanski
 
Predictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesPredictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesAaron Ross
 
Opportunities in CyberSecurity
Opportunities in CyberSecurityOpportunities in CyberSecurity
Opportunities in CyberSecurityDonagh Kiernan
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensaakash malhotra
 
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...EMC
 
Sales is both an art and a science
Sales is both an art and a scienceSales is both an art and a science
Sales is both an art and a scienceJohn Nanno
 
2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly Report2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly ReportCorum Group
 
E-Business.docx
E-Business.docxE-Business.docx
E-Business.docxsmumbahelp
 
Soal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdSoal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdRosa Williams
 
Donna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTDonna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTRamon Ray
 
Covered Calls Probability Program
Covered Calls Probability ProgramCovered Calls Probability Program
Covered Calls Probability ProgramAneissa
 
Covered Calls Probability Program 2
Covered Calls Probability Program 2Covered Calls Probability Program 2
Covered Calls Probability Program 2kingdog05
 
4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon BradyStarttech Ventures
 
Startup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesStartup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesTatiana Siyanko
 
Competing in a Social Economy
Competing in a Social Economy Competing in a Social Economy
Competing in a Social Economy Alan See
 

Similar a Practice Consulting Case (19)

Cyber Risks - Maligec and Eskins
Cyber Risks - Maligec and EskinsCyber Risks - Maligec and Eskins
Cyber Risks - Maligec and Eskins
 
White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...White Paper - Selling in the New Normal: For Organizations with Complex Sales...
White Paper - Selling in the New Normal: For Organizations with Complex Sales...
 
Bitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for EntrepreneursBitspiration 2015 Presentation for Entrepreneurs
Bitspiration 2015 Presentation for Entrepreneurs
 
UE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon ValleyUE Startups -- 9 Factors in Raising Funding in Silicon Valley
UE Startups -- 9 Factors in Raising Funding in Silicon Valley
 
Predictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound salesPredictable revenue guide to tripling your sales part 3 - outbound sales
Predictable revenue guide to tripling your sales part 3 - outbound sales
 
Opportunities in CyberSecurity
Opportunities in CyberSecurityOpportunities in CyberSecurity
Opportunities in CyberSecurity
 
Cybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lensCybersecurity through the Deloitte lens
Cybersecurity through the Deloitte lens
 
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
Ponemon Institute: The 2013 eCommerce Cyber Crime Report - Safeguarding Brand...
 
Sales is both an art and a science
Sales is both an art and a scienceSales is both an art and a science
Sales is both an art and a science
 
2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly Report2014 Tech M&A Monthly - Quarterly Report
2014 Tech M&A Monthly - Quarterly Report
 
E-Business.docx
E-Business.docxE-Business.docx
E-Business.docx
 
Soal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 SdSoal Essay Ipa Kelas 4 Sd
Soal Essay Ipa Kelas 4 Sd
 
Donna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPTDonna Wells (Mindflash) Small Biz Tech Tour PPT
Donna Wells (Mindflash) Small Biz Tech Tour PPT
 
Covered Calls Probability Program
Covered Calls Probability ProgramCovered Calls Probability Program
Covered Calls Probability Program
 
Covered Calls Probability Program 2
Covered Calls Probability Program 2Covered Calls Probability Program 2
Covered Calls Probability Program 2
 
4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady4th Digital Finance Forum, Simon Brady
4th Digital Finance Forum, Simon Brady
 
Startup Valuation: from early to mature stages
Startup Valuation: from early to mature stagesStartup Valuation: from early to mature stages
Startup Valuation: from early to mature stages
 
Start up valuation methods
Start up valuation methodsStart up valuation methods
Start up valuation methods
 
Competing in a Social Economy
Competing in a Social Economy Competing in a Social Economy
Competing in a Social Economy
 

Último

Application of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matricesApplication of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matricesRased Khan
 
Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Mohamed Rizk Khodair
 
Benefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational ResourcesBenefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational Resourcesdimpy50
 
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...Sayali Powar
 
Basic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersBasic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersPedroFerreira53928
 
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxStudents, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
 
Features of Video Calls in the Discuss Module in Odoo 17
Features of Video Calls in the Discuss Module in Odoo 17Features of Video Calls in the Discuss Module in Odoo 17
Features of Video Calls in the Discuss Module in Odoo 17Celine George
 
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General QuizPragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General QuizPragya - UEM Kolkata Quiz Club
 
Championnat de France de Tennis de table/
Championnat de France de Tennis de table/Championnat de France de Tennis de table/
Championnat de France de Tennis de table/siemaillard
 
2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptx2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptxmansk2
 
ppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyesppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyesashishpaul799
 
Telling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdf
Telling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdfTelling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdf
Telling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdfTechSoup
 
How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17Celine George
 
Basic_QTL_Marker-assisted_Selection_Sourabh.ppt
Basic_QTL_Marker-assisted_Selection_Sourabh.pptBasic_QTL_Marker-assisted_Selection_Sourabh.ppt
Basic_QTL_Marker-assisted_Selection_Sourabh.pptSourabh Kumar
 
PART A. Introduction to Costumer Service
PART A. Introduction to Costumer ServicePART A. Introduction to Costumer Service
PART A. Introduction to Costumer ServicePedroFerreira53928
 
Industrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training ReportIndustrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training ReportAvinash Rai
 
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxslides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxCapitolTechU
 
Salient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxSalient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxakshayaramakrishnan21
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaasiemaillard
 

Último (20)

Application of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matricesApplication of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matrices
 
Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).
 
Benefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational ResourcesBenefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational Resources
 
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
UNIT – IV_PCI Complaints: Complaints and evaluation of complaints, Handling o...
 
Basic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersBasic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumers
 
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxStudents, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
 
Features of Video Calls in the Discuss Module in Odoo 17
Features of Video Calls in the Discuss Module in Odoo 17Features of Video Calls in the Discuss Module in Odoo 17
Features of Video Calls in the Discuss Module in Odoo 17
 
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General QuizPragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
 
Championnat de France de Tennis de table/
Championnat de France de Tennis de table/Championnat de France de Tennis de table/
Championnat de France de Tennis de table/
 
2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptx2024_Student Session 2_ Set Plan Preparation.pptx
2024_Student Session 2_ Set Plan Preparation.pptx
 
ppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyesppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyes
 
Telling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdf
Telling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdfTelling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdf
Telling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdf
 
How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17
 
Basic_QTL_Marker-assisted_Selection_Sourabh.ppt
Basic_QTL_Marker-assisted_Selection_Sourabh.pptBasic_QTL_Marker-assisted_Selection_Sourabh.ppt
Basic_QTL_Marker-assisted_Selection_Sourabh.ppt
 
PART A. Introduction to Costumer Service
PART A. Introduction to Costumer ServicePART A. Introduction to Costumer Service
PART A. Introduction to Costumer Service
 
Operations Management - Book1.p - Dr. Abdulfatah A. Salem
Operations Management - Book1.p - Dr. Abdulfatah A. SalemOperations Management - Book1.p - Dr. Abdulfatah A. Salem
Operations Management - Book1.p - Dr. Abdulfatah A. Salem
 
Industrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training ReportIndustrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training Report
 
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptxslides CapTechTalks Webinar May 2024 Alexander Perry.pptx
slides CapTechTalks Webinar May 2024 Alexander Perry.pptx
 
Salient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxSalient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptx
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 

Practice Consulting Case

  • 1. Practice Consulting Case: Society 404 By Waina Landauro, IESE MBA
  • 2. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 2 IESE Consulting Club Case: Cybercrime Syndicate (1/7) ● Interviewee led (primarily) ● Revenue increase ● Cybersecurity industry Case Prompt 404 Society, a cybercrime underground organisation, makes money from hacking companies. It either extorts money from blocking access to computer systems (ransomwares) or sells its service for corporate espionage. The leader has come to you to help him grow his business. There are lots of hacking products and targets available and the group is confused about which sector to focus on and which products to use to grow the revenues of the business. Clarifying Answers ● The company focused on the Industry sector as their IT systems are usually less protected and is an easier target ● Ransomware extortion cost $50k to develop and can be used for 3 months. Every successful attack brings $10k to 404 ● Corporate espionage costs $100k of development each time but brings back $350k to 404. ● 404 usually pays a 40% commission fee to its agents who successfully performs the attacks ● The market is huge, so competition does not really matter ● 404 Society finds its clients through Dark Web Marketplaces and is paid in cryptocurrencies (Monero) ● The ransomwares have a life cycle. After a while, they become useless and need to be replaced by another updated tool. ● 404 society performed 120 Ransomware attacks and 50 corporate espionage last year all in the industry sector. ● 404 society has the same capacity for numbers of attacks from year to year.
  • 3. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 3 IESE Consulting Club Case: Cybercrime Syndicate (2/7) Interviewer Guide This is a case that the candidate will need to lead with the use of questioning. The goal of the case is to determine the best product-market fit to boost the revenues of the company. Guide the candidate with answering clarifying questions. The ideal candidates will understand that they need to calculate the revenues of 404 Society First. After being shown exhibit #1, a strong candidate will quickly interpret the cost structure table. The best candidates will include the agent’s salaries and understand the lifecycle cost without being prompted. The best candidates will also quickly compare the current total costs of the company and the costs of investing in Banking attacks. Banking attacks are not possible because they require much more capital. An excellent candidate will realise at question #3 that Espionage is much more profitable than ransomware attacks. Thus the new hires should be placed in the espionage department. An outstanding candidate will see that there is no point on wasting resources on ransomware and will propose to shut it down to only focus only on Espionage. Finally, an outstanding candidate will mention cryptocurrencies and legal aspects of the business as being major risks and will offer creative solutions to mitigate those risks. Timeline 1) Calculate the current revenues of 404 Society 2) Using prompt #1 and Exhibit #1, calculate the margins with Ransomware and Corporate Espionage 3) Make a recommendation on which industry and which product to focus on 4) Using prompt #2 and Exhibit #2, calculate the revenue per agent and make a recommendation 5) Make qualitative suggestions
  • 4. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 4 IESE Consulting Club Case: Cybercrime Syndicate (3/7) Question #1 What is the current profit of 404 Society? Solution #1 ● Total Costs = 4*50 + 50*(100) = 200 + 5000 = 5200 ● Total revenues = (120*10) + (50*350) = 18700 ● Profit = (120*10)-(4*50) + 50*(350-100) = 13500 → 40% of salaries → 13500*0.6= 8100
  • 5. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 5 IESE Consulting Club Case: Cybercrime Syndicate (4/7) Question #2 Which industry and which Ransomware should 404 Society focus on to increase their profitability? How much more profit can 404 society increase with your recommendation? (show Exhibit 1) Solution #2 ● Margins from Corporate Espionage ○ Banking = 2*6000 - 20000 = €8M ○ IT = 3*3000 - 6000 = €-3M ○ Industry = 350 - 100 = €250k ○ Energy = 300 - 150/(0.7) = €85k ○ Retail = 50 - 100 = €50k Industry is the most profitable sector for corporate espionage Solution is not Banking. Even though it is the most profitable option, 404 society only invests 5M in development, not enough for the banking option. (Which requires 12M) ● Margins from Ransomware: ○ COVID-19 = (120*10) - 4*50 = (120*10) - 200 = 1000 ○ COVID-20 = (120*10) - 2*120 = (120*10) - 240 = 960 ○ COVID-21 = (120*10) - 6*30 = (120*10) - 180 = 1020 COVID 21 is the most profitable Ransomware
  • 6. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 6 IESE Consulting Club Case: Cybercrime Syndicate (5/7) Question #3 404 Society is looking to hire 3 more agents. In which department should the company hire those 3 agents? (Show exhibit 2) Solution #3 ● Profit per Agent: Ransomware ○ 120/3 = 40 attacks per agent ○ Cost per Attack = 4*50k / 120 = 1,667k ○ Profit per Attack = 10k - 1.66k = 8.33k ○ Profit per agent = 40*(8.33)= $333k ● Profit per Agent: Espionage ○ 50/10 = 5 attacks per agent ○ Profit per Agent = 5*(350-100) = 5*250= $1250k Espionage is much more profitable than Ransomware attacks. The new recruits should be hired in the Espionage department. The ideal candidate will identify an opportunity to close the ransomware department and transfer all the agents to Espionage
  • 7. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 7 IESE Consulting Club Case: Cybercrime Syndicate (6/7) Question #4 How else could 404 Society grow revenues? What risks are there to the sustainability of the business? Solution #4 This is the qualitative part of the case, the candidate is supposed to reflect on creative ways to improve revenues. Reflections can include the following: ● Recruit more agents to perform more attacks ● Negotiate better commission (less than 40%) ● Improve the efficiency of development (reduce costs) ● Offer more efficient money laundering scheme (cryptocurrencies are volatile) ● Speculate on crypto-currencies and/or mine them ● Find other revenue channels (ethical hacking, security consulting, government services, spam, credit card theft, identify theft, etc…) ● Contingency plan if getting caught
  • 8. A WAY TO LEARN . A MARK TO MAKE. A WORLD TO CHANGEIESE Business School 8 IESE Consulting Club Case: Cybercrime Syndicate (7/7) Exhibit #1 CORPORATE ESPIONAGE Industry Revenue per attack (k€) Cost per Attack (k€) Success Rate Banking 20000 6000 50% Tech/IT 6000 3000 33% Industry 350 100 100% Energy 300 150 70% Retail 100 50 100% RANSOMWARE Name LifeCycle Revenue per attack (k€) Cost of Dev (k€) Success Rate COVID-19 3 months 10 50 100% COVID-20 6 months 10 120 100% COVID-21 2 months 10 30 100% Exhibit #2 COMPANY ORGANISATION Department # of AGENTS # of Attacks per year RANSOMWARE 3 120 ESPIONAGE 10 50 Cost Structure of 404 Society Current Organisational Structure