Is your business ready?

February 2016

As the person responsible for information systems security in your company, you have no doubt put in place information security monitoring tools and processes. For example, you have probably adopted solutions for detecting an abnormal event on your network. If that takes place, your team reacts by setting in motion the planned intervention protocol to resolve the incident.


Most Canadian businesses today are equipped with generic surveillance and intervention plans, which were designed and developed to detect regular operational incidents such as the loss of a service, infection with a virus, etc.
But be careful! The most damaging incidents aren’t the most common ones. For example, are your management, human resources, legal, IT and security teams prepared to respond to major security breaches?

Your organization could be reassured by a false feeling of preparedness, making it vulnerable in the event of a major violation of your systems, for example DDOS, APTs, etc.

You are aware that large businesses and organizations have been victims of major cyber-attacks, often putting the data of thousands of citizens in jeopardy; these include Home Depot, Target and Canada Revenue Agency. Would you say your business has learned from their mistakes?


The solution is the same as for public emergencies such as fires or acts of terrorism: the best protection is adequate preparation. This means planning who will be brought in to respond and when, and identifying the gaps in your team’s capacity to respond.

It is important for your organization to test its security operations centre and emergency service, by simulating incidents that can cause real damage and paralyze your systems, for example. How your team reacts to such incidents will be revealing.

Based on the results, you can clearly identify the weaknesses that make you vulnerable to a critical incident. The next step is to prepare a list of the improvements required, in order of priority.

Finally, of course, you need to implement the recommended changes. Also, since organizations are constantly changing, your department should schedule periodic reviews and updates of its detection and intervention plans.

To improve your current practices and limit the damage in the event of a cyber-attack, you can call in our team of experts.