Back
BNP Paribas Fortis

Critical Asset Recovery & Cyber-Resilience Program Implementation

Use Case Overview

Futurwork partnered with BNP Paribas Fortis to support the implementation of the Critical Asset Recovery & Cyber-Resilience Program. This initiative aimed to ensure compliance with information security regulations and develop robust capabilities to recover critical assets in the event of cyber-attacks. Futurwork's mission was to collaborate with the CAR Core Team to identify IT assets, assess risks, and develop comprehensive recovery plans.

Mission Objectives

The mission focused on enabling sound information security risk decision making and implementing a robust information security management system. The Information Security Strategy of BNP Paribas Fortis aimed to achieve four objectives: enabling the extended enterprise, countering cyber crime, protecting information systems, and managing security risks. Compliance with regulatory expectations and the ability to continue critical business activities during cyber-attacks were crucial.

Futurwork's Role and Contributions

Futurwork joined forces with the CAR Core Team to achieve program objectives. Key contributions included:

  1. Asset Identification: Collaborating with the team, Futurwork participated in identifying, mapping, and documenting all IT assets and components supporting critical business activities (OCCO scope), creating detailed as-is architecture and functional diagrams.
  2. Risk Assessment: Futurwork helped identify gaps in existing plans, assessing the risks and impact on operational continuity in case of cyber-attacks. Findings were thoroughly documented, including direct and indirect impacts on critical asset service loss.
  3. Recovery Planning: Working closely with Team Lead, Asset Owners, Architects, and other stakeholders, Futurwork facilitated the development of planned and controlled sequences to restore critical asset functioning. Dependencies, constraints, and interdependencies were identified to ensure a comprehensive recovery approach.
  4. Communication and Collaboration: Futurwork maintained regular communication with the team, providing transparency, sharing findings, assessments, and recommendations. Strong inter-personal relationships were built with key stakeholders to facilitate smooth execution.

Project Outcome

Through the collaborative efforts of Futurwork and BNP Paribas Fortis, the Critical Asset Recovery & Cyber-Resilience Program was successfully implemented. The program enabled BNP Paribas Fortis to meet regulatory expectations and enhance their cyber-resilience capabilities. Detailed asset identification, risk assessment, and recovery planning ensured the organization's ability to continue critical business activities during cyber-attacks, safeguarding their operations.

Technologies

During the implementation of the Critical Asset Recovery & Cyber-Resilience Program, key technologies included:

  • Microsoft: Windows Server, Active Directory, PowerShell.
  • Linux: Red Hat Enterprise Linux (RHEL), CentOS.
  • Networking: Cisco infrastructure, VPN.
  • Storage: NAS, SAN.
  • Security: IDPS, SIEM, vulnerability assessment tools.
  • Collaboration: Confluence.

Key Figures

  • 2 ETP - 1 IT Security Engineer Expert + 1 Technial Project Manager (CyberRisk)
  • 2021 - 2023
  • Budget : Around 650K€
Our office

523 Avenue Louise Brussels,
1050contact@futurwork.be

contact@futurwork.be
FuturWork Services
Freelancers
Freelancers
Tarifs
Quick Links
Expertises
Cases
Blog
Company
Career
Join Futurwork