Cybersecurity
The last few years have been marked by numerous cybersecurity incidents. Cyberattacks have affected many companies and the consequences can have irreversible repercussions financially as well as on the company image.
Companies that are increasingly oriented towards digital services, the growing integration of connected objects and mobility in their business value chains, the continuous development of cloud offerings, the growth in the volume of data managed, and constant changes are creating new challenges related to the increase in their exposure and therefore their vulnerability.
Since 2021, the threats are so varied and recurrent that the challenges for companies go far beyond protection alone, it is now a question of anticipating, monitoring, spotting, reacting and being resilient. Cyber risk has gone from being possible to very probable and the upstream work on controlling its impact is becoming a major strategic and operational investment.
For many years, the INTM Group has been supporting its clients in all stages of their IS preparation to face any event that presents a risk to the integrity and availability of infrastructures, networks and applications. Our mission is to help you implement, maintain and support the solutions, tools and technologies on which the security of your IS is based by:
- Offering a high level of service quality and responding to your company’s security policies by being a partner who makes proposals;
- Offering an organization adapted to the needs of customers particularly by taking into account their regulatory constraints related to the processing of sensitive data (healthcare, etc.) and having to be performed from the European continent;
- Proposing a high availability service offer to adapt to the geographical perimeter of our customers (national or international);
- Offering support in the organizational and technical evolution (infrastructure and architecture) of your company;
- Focusing on the user and considering the organizational context and the cultural challenges for the impacted populations.
More precisely, we bring our expertise on the following subjects:
- Governance of IS and Cybersecurity risks (Audit, Consulting, Analysis, project management of Cybersecurity solutions deployment, etc.);
- Supporting CISOs in the implementation of operational security strategies (definition of ISPs, SSPs, risk analyses and assessments, monitoring of remediation plans, audits and status reports, etc.);
- Supporting the Operations Managers in securing the existing system: BCP/ERP – DRP, Resilient architectures, Authentication reinforcement, Endpoint security, Monitoring, etc;
- Support for expert centers to integrate, operate and administer security solutions, manage incidents and vulnerabilities, etc;
- Expertise in securing access, authentication and authorization (PAM, PKI, IAM);
- Engineering and architecture in infrastructure and network security;
- DevSecOps and Cloud Security expertise;
- N1 to N3 support to security actors (CERT/CSIRT/SOC/NOC);
- Processing of events targeting “at risk” populations (administrators, developers, management, etc.).
Success stories
- For a company in the industry sector, we set up an outsourced Service Center to support its IAM department (AD management, PKI, Federation, account provisioning tool, authorizations) and the application maintenance of the user account provisioning tool.
- For a company in the industry sector, we set up an outsourced project team to develop application connectors to manage user accounts and secure authentication to the company’s critical applications.
- For a company in the communication sector, we set up an outsourced Service Center to provide Cloud and network support to its customers.
- For a company in the industry sector, we intervened in the framework of technical expertise activities for the security of work environments and mobility: security of mobile terminal protection, MOC of SEP antivirus hardening rules, MDM tools, workstation and security dashboard, management of workstation security events in conjunction with the SOC.
- For a company in the industry sector, we intervened in the framework of technical expertise activities of network security projects: diagnosis of network malfunctions, design and update of security procedures, implementation of changes with impact measurements.
- For a company in the industry sector, we were involved in the realization of scoping studies for the implementation of a dedicated SOC infrastructure and associated procedures.
- For a company of the banking sector, we acted to carry out studies and projects relating to the security of the Internet Browsing and Internet Hosting links (Proxy and Reverse Proxy, AntiMalwares, HTTP Filters or DNS servers).
- For a company of the banking sector, we intervened in support of Network Security expertise: diagnosis of network malfunctions, design and update of security procedures, implementation of changes with impact measurements.