Active Directory (AD) is a directory provided by Microsoft since Windows 2000 Server, that centralises the mechanisms for identifying, authenticating, and managing access rights to the organisation's resources. This component is adopted by a significant number of organisations (approximately 90 to…
The multiple perks of establishing a cyber budget management For the past few years, companies have seen their cybersecurity budgets significantly increasing; according to the latest Gartner reports, they have increased by 51% since 2018. Chief Information Security Officers…
Cyber issues in the energy sector The energy sector is made up of vital infrastructures and provides essential services for a country. The sector, shaped by increasing digitalization, is undoubtedly a prime target for cyber attackers with consequences that are liable…
I often talk about cybersecurity awareness: I share concepts and best practices, but today I'm writing from another point of view: that of the person who has been made aware! Yes, experts are not exempt from awareness initiatives... let me…
Backup security is a topic of increasing concern to large accounts, often as part of initiatives to improve their cyber-resilience. When all the protection, detection and response measures have not been sufficient: the information system must be restored quickly from…
Using passwords introduces both a large attack surface (phishing, brute force, password spreading, rainbow table, etc.) and a poor user experience. As a result, passwords have been denounced in favour of passwordless technologies for several years. However, passwords remain commonly…
In 2013, the FBI issued a Stored Communications Act warrant for emails stored in Ireland, on one of Microsoft’s datacenters as part of a drug trafficking investigation. Microsoft refused to provide this information, because the data in Ireland is beyond…
After having successfully mobilized its executive committee on cybersecurity, having made a realistic and concrete assessment of the situation, you had an agreement in principle to start a remediation program! A great victory, and the beginning of a multi-year…
Attacks are multiplying and diversifying in terms of both their technical development and the methods of extortion. Despite recent arrests and diplomatic moves, these Ransomware attacks will remain very prevalent in 2022. But what is the real level of CAC…
On the launch of the European Cybersecurity Month and for the Assises de la Sécurité (from 13 to 16 October 2021), Wavestone unveils the new edition of its benchmark of cybersecurity incidents. To this end, we reviewed the interventions of the CERT-Wavestone crisis…
