Bexley: E-commerce Security Audit

Home > Cas Clients > Bexley: E-commerce Security Audit

The Bexley assignment was a real challenge: namely to conduct an audit on short notice on behalf of an investment fund.

Context & objectives

Founded in 1985, the Bexley brand boasts a network of 17 stores and an e-commerce site launched in 1996, through which the company achieves 30% of its revenue. Certain mismatches between the Bexley IT system and the e-commerce site are likely to contain or generate areas of vulnerability.

Business Challenge

To protect the IT system against internal and/or external threats in order to safeguard the company’s business activities and guarantee continuity. The challenge was broken down into 4 operational objectives:

To align security initiatives with the requirements of the business;
To merge the approach within a context of continuous improvement in order to ensure that the IT system develops in a composed and controlled manner;
To achieve state-of-the-art security performance aligned with standards;
To launch a global IT security approach based on a process of risk management, performance management and pragmatic implementation of best practices.

Solutions & methods

Exploiting its extensive expertise, Netsystem conducted a 360° security audit based on the ISO 27002 standard, supplemented by coverage of the risks inherent to e-commerce. A situation report was established detailing system maturity and the coverage of cyber risks, followed by an action plan initially focussed on short-term measurable results. Support was provided in two distinct phases:

The set-up phase, incorporating an audit to identify ‘quick-win’ solutions to produce results within two months;
Regular follow-up support to help Bexley personnel apply the solutions.

Key success factors