Luke Tenery is a Senior Managing Director and the Cybersecurity Practice Leader at Ankura Consulting Group, located in the Chicago, IL office. He has more than 15 years of experience in handling complex cyber issues covering investigations and forensics, data privacy and security, and security management. Mr. Tenery has an extensive background in leading cyber incident response and investigations into a wide array of active and emergent cybersecurity threats while leveraging industry best practices and relevant threat intelligence capabilities. He also has extensive experience in applying cybersecurity risk management leadership in threat and incident management, cybersecurity operations, security policy development, and IT project management and implementation, among others.
Prior to joining Ankura, Mr. Tenery served at a global risk management and investigations firm where he most recently rose to deputy cyber practice leader, as well as leading another cyber practice group covering incident response. He was regularly called upon to mitigate complex computer intrusion and breach matters through investigation and to devise strategies to contain and eradicate threats in client networks and systems. Mr. Tenery was also responsible for aligning and developing practice capabilities and offerings to respond to and mitigate current and emergent cyber risks and threats.
In addition to his deep leadership experience in cyber incident response and investigations, Mr. Tenery led many significant matters covering cyber risk management and information security management. Among several industry-leading certifications he has achieved, Mr. Tenery is a certified network penetration tester and, in that capacity, was regularly engaged to ethically compromise the security of client systems and simulate attacker computer intrusion activities. Further, he proactively assisted clients in incident and breach preparedness exercises such as tabletop exercises and specialized security awareness training. Mr. Tenery regularly applied information security leadership functions for his clients, conducting risk assessments, compliance and security standard reviews (PCI-DSS, ISO, NIST, GLBA, FFIEC), gap analyses, and security policy development, among others.
Some of the more notable information risk management engagements included threat identification and compromise assessments highlighting active or previously unidentified computer intrusions or threat actors on client systems. In his prior role, Mr. Tenery developed the primary methodologies and delivery capabilities for the execution of these compromise assessments on a global basis.
Through his experience, Mr. Tenery has been privileged to manage a variety of highly sensitive cybersecurity risks associated with a myriad of threats. Some of his more notable engagements include the following:
- Persistent Threat Investigation – A global company had been compromised by a foreign attacker. Mr. Tenery identified the tactics, techniques and procedures (TTPs) that the attacker used to exfiltrate data and quantified what data was exposed. Mr. Tenery also identified the indicators of compromise (IOCs) so the client could continue its containment efforts to lock out the attacker.
- Organized Crime Attack – FIN4 Bio-Pharma – Mr. Tenery identified the organized crime group FIN4 in a bio-pharma’s cloud environment. The attacker was successfully identified and removed, and the affected data was determined.
- Payment Card Incidents – While previously certified as a QSA, Mr. Tenery was regularly sought out on a privileged basis to assist clients in responding to payment card breach matters by identifying various payment card information theft methods including point of sale (POS) memory scraping malware and e-commerce system compromise. Mr. Tenery’s analyses would confirm the timeline of compromise and advise on containment strategy.
- Global Risk Assessment and Intellectual Property Protection – Mr. Tenery assisted a global energy firm in assessing the risks of sending critical intellectual property (IP) out to third parties in developing countries. Following the risk assessment, he developed a security policy for protecting the IP and then conducted global audits of the vendors receiving the IP to ensure compliance with the IP protection security policy.
- Targeted Destructive Cyber Attacks – Mr. Tenery has responded to a wide array of targeted cyber-attacks including ransomware and cyber extortion. He has assisted firms in containing malware and ransomware incidents by confirming the damage, assisting in the recovery, and mitigating the infection.
- Data Breach Analysis – Mr. Tenery has assisted in the quantification of a variety of data breach exposures. He assisted a firm that had a secure file transfer site containing patient information exposed to the Internet. He assisted in confirming what information was accessed and crawled by public search engines.
- White Collar Intellectual Property Theft – Mr. Tenery assisted a global engineering firm in investigating the theft of source code. Mr. Tenery conducted forensics on digital evidence to identify the transfer of the source code to removable media by third-party contractors.
- Root Cause Analysis – Mr. Tenery has investigated the cause and source of system outages, including denial-of-service attacks and failures of critical IT infrastructure devices.
- Third-Party Unauthorized Access – Mr. Tenery has been regularly engaged to audit and assess the impact of access by third parties to client systems as a result of government inquiry, threat intelligence or contract disputes.