Bexley: E-commerce Security Audit

The Bexley assignment was a real challenge: to conduct an audit at short notice on behalf of an investment fund.

Context & objectives

Founded in 1985, the Bexley brand boasts a network of 17 stores and an e-commerce site launched in 1996, through which the company achieves 30% of its revenue. Certain mismatches between the Bexley IT system and the e-commerce site are likely to contain or generate areas of vulnerability.

Business Challenge

To protect the IT system against internal and/or external threats in order to safeguard the company’s business activities and guarantee continuity. The challenge was broken down into 4 operational objectives:

  • To align security initiatives with the requirements of the business;
  • To embed the approach in a process of continuous improvement, so that the IT system develops in a measured and controlled manner;
  • To achieve state-of-the-art security performance aligned with standards;
  • To launch a global IT security approach based on a process of risk management, performance management and pragmatic implementation of best practices.

Solutions & methods

Drawing on its extensive expertise, Netsystem conducted a 360° security audit based on the ISO 27002 standard, supplemented by coverage of the risks inherent to e-commerce. A situation report was drawn up detailing system maturity and the coverage of cyber risks, followed by an action plan initially focussed on short-term measurable results. Support was provided in two distinct phases:

  • The set-up phase, incorporating an audit to identify ‘quick-win’ solutions to produce results within two months;
  • Regular follow-up support to help Bexley personnel apply the solutions.

Key success factors

  • In-depth experience
  • Implementation speed
  • Effective collaboration