Organizations depend on business and IT systems to operate effectively and competitively in this digital age. These systems are frequently updated and even a small change can introduce new vulnerabilities.

At the same time, IoT devices such as cameras, sensors and PLCs are often left unattended and unpatched. While organizations are investing significant effort and money to ensure that the systems run efficiently with the necessary security controls, they do not always test to check if the security controls are implemented correctly or are sufficient. Left to chance, vulnerabilities will only be discovered once security has been breached, leaving the organization open to potential regulatory fines, financial loss, reputational damage or theft of business critical information or intellectual property.

With the growing utilization of IoT (Internet of Things) devices and cloudification of services, it is particularly crucial that network devices comply with best practices regarding security controls, data transport and IT governance.

CGI’s penetration testing services (sometimes referred to as “ethical hacking”) maximizes risk reduction, while minimizing any disruption to the business. We evaluate systems by subjecting them to external Internet attacks and/or by considering insider threats.