In less than a year, Securiview has achieved certification of its information security management system (ISO 27001) for the cornerstone of its business: the security operations center, which heralds new opportunities and raises its profile as a recognized player in the market.
Information system security is Securiview’s core business. “We were looking to put our name on the map, get our work endorsed and let our customers know in order to strengthen their trust,” explains Stéphane Dahan, CEO of Securiview. In 2013, two company employees underwent training to become ISO/IEC 27001 Lead Auditor and Lead Implementer. One of them is working with Stéphane Dahan on the company’s plans to implement the security management system focusing on security equipment management, monitoring, log management and alert management.
Because information system security is its core business, Securiview already had most of the necessary technological components, so only a few tweaks were needed to comply with the requirements of the standard. A few investments were required to ramp up security. Most of the work involved revising processes and updating practices and procedures.
“Since we had already done it for our customers, we were already well ahead when it came to security management procedures” advises Stéphane Dahan. “We did not encounter any major difficulties. However, the important point was that we needed to invest our time. “
Yet Securiview achieved certification in less than a year. Before the certification audit, the company contracted AFNOR Certification to carry out a one-day preliminary audit. “We did not quite feel ready” remembers Stéphane Dahan. “It was a busy day with a considerable amount of findings and analyses. Interaction has always been extremely clear and fast with AFNOR Certification. “
This post is also available in FR.