Red Team vs Blue Team : ALTEN Canada Cybersecurity Center

02/25/2019

The financial sector is the world’s number one target for cyber attacks (NTT Security 2018), particularly in North America where attacks have increased by 43% in one year. In this context, ALTEN Canada was approached by a major corporate and investment bank to secure its entire IT system in North America.

Our client, whose information system was based on applications mainly developed in-house, needed to comply with regulations and fix a large number of vulnerabilities within a very short time frame. At this critical time, ALTEN Canada was the only referenced partner to take up the challenge and respond positively to the request of this global banking leader.

 

1 month to create a Cybersecurity team «from scratch»

Using ALTEN SIR Global Security Services’ feedback and expertise to define the strategy, organization and skills to be deployed, ALTEN Canada succeeded in mobilizing a multi-expertise team in less than a month. A record time.

Several thousand detected vulnerabilities were analyzed by the ALTEN team. During the project, our consultants advise the client’s various services (business, infrastructure, IT department, etc.) and coordinate with their teams to correct each of the weaknesses.

This project, supervised by the bank’s highest management, was completed on time, allowing our client to avoid a significant financial penalty.

 

Hacking to better protect, security continuous improvement

At the end of this first mandate, we proposed the establishment of a permanent Cybersecurity Service Centre to detect and correct vulnerabilities as they occur. The customer gave us his agreement, as this system makes it possible to guarantee the continuity of an optimal level of Cybersecurity rather than to carry out costly compliance actions every 3-4 years.

The Red Team, composed of 5 penetration testers (ethical hackers), takes an offensive approach to try to hack into the bank’s information system. The detected vulnerabilities are processed by the Blue Team (10 people) which analyses them. The resolution advice (short, medium or long term) is then distributed to the relevant departments.

In parallel, ALTEN Canada regularly sends experts to the client’s internal services (e.g. business, IT, etc.) that do not have the necessary resources to develop security patches and updates.

With this expertise, ALTEN Canada is rapidly expanding its Cybersecurity activities in the financial sector and is positioning itself on a growing number of projects in Montreal.

Share