Critical Information Infrastructure Protection (CIIP)
Information Protection for a New Age
The need for IT security is stronger now than it has ever been. Both public and private sector Internet sites have been the well-publicized victims of hacker attacks from both inside Canada and abroad. According to a 2002 RCMP report on hacking:
"...there is no simple solution to hacking. Securing computer systems in a networked environment is a dynamic process which is constantly at odds with corporate goals. Dedicated attention is required to maintain a balance between the two in the face of the increasing threat posed by hackers..."
Given the growing importance of security, organizations need to be ever vigilant in the protection of their infrastructure.
The AEPOS Information Infrastructure Protection (IIP) group's mission is to assist clients with the protection of information and information systems in three key capacities:
- Vulnerability Assessment Services: These consist of services during which various tools and techniques are used to gain information on, and identify vulnerabilities associated with, a system's perimeter and architecture. Services include reconnaissance, network mapping, vulnerability identification, vulnerability exploitation, data analysis and reporting. Additionally, penetration-testing services are offered whereby attempts are made to circumvent any implemented system security features of a target of evaluation.
- Threat/Incident Trend Analysis and Alerting: The IIP group can provide a tailored threat analysis and alerting service to clients based on specific products, tools, or architectures in order to provide the latest information on threats, vulnerabilities, and known incidents. Threat Environment briefings, generated from information gathered from a variety of sources, including common threat and vulnerability databases, can be held either on-site, at client facilities, or developed as Computer-Based Training (CBT).
- Information Protection Center Support: The IIP group can provide supplemental and Subject Matter Expert personnel to staff IPCs. Some of the support services provided include:
  - Detection Support: Includes services that assist the client with the recovery of normal operations by restoring systems, hardening affected systems, and conducting lessons learned assessments and incident post mortems.
  - Reaction Support: Includes the capability to triage and respond to computer attack. One of the most fundamental objectives is to restore control of the affected systems and to limit impact and damage. An incident triage needs to be performed immediately once an incident is identified and/or reported in order to minimize the damage inflicted by the incident.
  - Recovery Support: Efficient service restoration by prioritizing the restoration of minimum essential capabilities through to normal operations, performing an assessment follow-up to determine if any additional vulnerabilities were introduced, and performing incident post mortems.