The management center of the Sarthe region (“Centre de Gestion de la Sarthe” in French) is involved in personnel management and development for the region’s local authorities. Their role is to undertake tasks related to the recruitment and management of certain categories of local government employees.
To meet the objective of strengthening IT security, this regional actor has sought the services of Novelis to implement additional security measures and thus mitigate the identified risks.
In order to secure our client’s organization and systems, our cybersecurity team took several actions:
An intrusion audit for three business applications: We analyzed the vulnerabilities of these applications and identified possible entry points for malicious attackers. We provided specific recommendations to strengthen the security of these applications.
Two white-box and black-box audits on our client’s IS: We carried out in-depth security audits on the information system, using both white-box (where we had access to information on the system) and black-box (where we simulated an external attack) audit techniques. We identified vulnerabilities and security gaps, and provided recommendations for correcting them.
A configuration and architecture audit: We assessed the configuration and architecture of our client’s information system to identify areas of risk and opportunities for improving security. We proposed recommendations to strengthen the security of the configuration and architecture.
A phishing simulation for all employees: We carried out a phishing simulation to test the awareness and vigilance of the company’s employees in the face of these attacks. We provided detailed reports on the results of the simulation, as well as recommendations for strengthening the organization’s security.
Cyber attacks are not the prerogative of large groups and in France 9 companies out of 10 have already been affected by a cyber malicious act.
Novelis offers its cybersecurity expertise in a pragmatic approach, integrating both the dimension linked to the analysis of the current situation (intrusion tests, audit, identification of internal and external threats…) and long-term support in terms of governance, processes and best practices to guard against cyber-attacks and establish a cyber-resilience mechanism.
Management center of the Sarthe region called upon Novelis for a technical and organizational audit of the Information System Security. They proposed us a clear, relevant and rigorous analysis scenario. Their work allowed us to highlight weaknesses in our system that could have been damaging if they had been exploited by a malicious user. The clear and detailed reports allowed us to correct the weaknesses identified as quickly as possible, and gave us tools and guidelines to improve our security practices and procedures in the long term.