SickKids Case Study -PlutoSec - Cyber Security Canada

Eiusmod enim tempor incididunt aut labore et dolore magna aliua ruis nostrud exercitation ullamco laboris.

About Us

 
The SickKids Foundation, based in Toronto, is a fundraising organization dedicated to supporting the hospital for sick children. With over 1.5 million active donors, the foundation handles and manages sensitive information, which could lead to reputational damage and donor loss if compromised.

Table of Contents

  • About the SickKids Foundation

  • Main Goal

  • Outcomes

 

About the SickKids Foundation

The SickKids Foundation, based in Toronto, is a fundraising organization dedicated to supporting the Hospital for Sick Children. Managing sensitive information from over 1.5 million active donors, the foundation faces the risk of reputational damage and donor loss if this data is compromised.

To safeguard donor information, Derek Sutton, the Director of Infrastructure and Enterprise Architecture, acknowledged the need to enhance their security posture. To address this, he enlisted PlutoSec to conduct a penetration test.


Main Goal

The primary goal of the SickKids Foundation was to evaluate its security posture and identify any vulnerabilities that might have been overlooked by their team. Although they had implemented basic security measures, the organization’s infrastructure was outdated and in need of an upgrade. A penetration test was essential to uncover gaps and vulnerabilities, allowing them to address these issues and enhance their security before potential exploitation.

PlutoSec developed a thorough methodology with 95% manual testing and a coverage-based approach to accurately simulate real-world conditions. Their team of highly skilled in-house ethical hackers conducted an in-depth analysis of the systems from an attacker’s perspective, filtering out irrelevant details and highlighting the most critical findings requiring remediation. Additionally, their coverage-based approach allowed testers to explore various methods of system breach and vulnerability exploitation, providing a precise and comprehensive report.


Outcomes

PlutoSec’s penetration testing approach revealed a range of hard-to-detect vulnerabilities and potential attack vectors that could be exploited. The final report offered valuable insights that helped the foundation’s IT team identify weaknesses in their infrastructure and provided actionable guidance to enhance their overall security posture. Moreover, PlutoSec’s Canadian Data Residency and SOC 2 Type II Accreditation assured the SickKids Foundation that all test reports were securely handled within a trusted environment, ensuring full compliance with data security standards.

Overall, PlutoSec’s comprehensive penetration testing enabled the SickKids Foundation to pinpoint vulnerabilities, address issues, and strengthen their security posture. Derek Sutton highly recommends PlutoSec to his peers for their expertise, coverage-based approach, manual testing methodology, and accuracy in identifying real issues without false positives. Additionally, the SOC 2 Type II Accreditation and Canadian Data Residency offered SickKids Foundation’s donors reassurance that their information is well protected.

Empowering engagement through meaningful dialogue.
visit us, phone, or email for personalized assistance.

Subscribe to Newsletter

Follow on social media: