Awardit
From Uncertainty to Cyber Resilience
How can AwardIt, a fast-growing company, turn fragmented security into long-term resilience?
Awardit, a leading loyalty and incentive platform provider, needed a phased, business-aligned approach where governance, testing and operations worked together to meet operational demands and regulatory requirements such as ISO 27001 and NIS2.
The Challenge
- Low internal security maturity across entities.
- Vendor and supplier-related risks that were hard to manage.
- Pressure from GDPR and the upcoming NIS2 directive.
- Real exposure from outdated access and authentication controls.
Engagement Approach
Governance via a Virtual CISO (oversight, risk management, board-level guidance); recurring penetration tests across networks, applications and cloud assets; a centralized SOC monitoring ~200 endpoints (SIEM correlation, vulnerability scanning, real-time threat hunting), reducing potential exposure by up to 36 MSEK.
Results & Impact
- Executive buy-in: cybersecurity embedded as a board-level topic.
- Operational resilience: faster detection, forensic support, structured response workflows.
- Compliance readiness aligned to ISO 27001 and NIS2.
- Quantifiable financial impact: exposure cut by tens of MSEK.
Cypro helped us move from uncertainty to structure. Their team translated complex risks into clear, practical actions we could take, even with limited resources. The support has been patient, pragmatic, and focused on what matters most to our business.