Cyber  /  Public

Strengthen your IT security with cybersecurity audits and simulations

In France, 9 out of 10 companies have already been affected by an act of cyber maliciousness and 43% of them are SMEs. However, only 17% of SMEs are protected against cyber attacks...

The client's challenges and objectives

The management center of the Sarthe region (“Centre de Gestion de la Sarthe” in French) is involved in personnel management and development for the region’s local authorities. Their role is to undertake tasks related to the recruitment and management of certain categories of local government employees.

To meet the objective of strengthening IT security, this regional actor has sought the services of Novelis to implement additional security measures and thus mitigate the identified risks.

Our achievements

In order to secure our client’s organization and systems, our cybersecurity team took several actions:

An intrusion audit for three business applications: We analyzed the vulnerabilities of these applications and identified possible entry points for malicious attackers. We provided specific recommendations to strengthen the security of these applications.

Two white-box and black-box audits on our client’s IS: We carried out in-depth security audits on the information system, using both white-box (where we had access to information on the system) and black-box (where we simulated an external attack) audit techniques. We identified vulnerabilities and security gaps, and provided recommendations for correcting them.

A configuration and architecture audit: We assessed the configuration and architecture of our client’s information system to identify areas of risk and opportunities for improving security. We proposed recommendations to strengthen the security of the configuration and architecture.

A phishing simulation for all employees: We carried out a phishing simulation to test the awareness and vigilance of the company’s employees in the face of these attacks. We provided detailed reports on the results of the simulation, as well as recommendations for strengthening the organization’s security.

Results

By combining these 4 security audits and carrying out a simulated attack with our client’s employees, we were able to provide a comprehensive overview of the state of IT security, as well as a security plan to improve their security.

Novelis added value

Our expertise in cybersecurity

Cyber attacks are not the prerogative of large groups and in France 9 companies out of 10 have already been affected by a cyber malicious act.

Novelis offers its cybersecurity expertise in a pragmatic approach, integrating both the dimension linked to the analysis of the current situation (intrusion tests, audit, identification of internal and external threats…) and long-term support in terms of governance, processes and best practices to guard against cyber-attacks and establish a cyber-resilience mechanism.

Know more

Stanislas Perlinski

Head of IT department - Centre de gestion de la Sarthe

Management center of the Sarthe region called upon Novelis for a technical and organizational audit of the Information System Security. They proposed us a clear, relevant and rigorous analysis scenario. Their work allowed us to highlight weaknesses in our system that could have been damaging if they had been exploited by a malicious user. The clear and detailed reports allowed us to correct the weaknesses identified as quickly as possible, and gave us tools and guidelines to improve our security practices and procedures in the long term.