This article is structured around four complementary approaches aimed at strengthening end‑to‑end backup security. After addressing, in Part 1, backup usability (1) and the security of the backup infrastructure (2), this second part focuses on the last two approaches: protecting…
Electric mobility is experiencing rapid growth in France and across Europe: in January 2026, registrations of fully electric vehicles in France increased by more than 50% compared with January 2025, bringing their market share to nearly one third of total vehicle sales. This trajectory confirms a structural transformation of…
Following an initial phase focused on understanding the scope and framework of Part-IS and on drafting Information Security Management Systems (ISMS), the aviation sector has entered a new phase. In 2026, Part-IS is no longer a theoretical or purely documentary topic — it has…
CERT-Wavestone handles cybersecurity incidents of all types and magnitudes, from investigating a single suspicious workstation to large-scale overnight ransomware outbreaks. After 10 years of forensics investigations and crisis management at Wavestone, one thing stands out: attackers are more sophisticated than…
The rise of AI agents is redefining enterprise security Artificial intelligence has now become a structuring lever for companies: 70%¹ have already placed it at the heart of their strategy. So far, most deployments relied on conversational assistants capable…
AI is now embedded across a growing range of offensive security workflows. The most visible shift is the rise of services that apply large language models and agentic orchestration to autonomous testing activity. Some vendors have been present for years,…
In 2025, ransomware attacks remained a persistent threat and increasingly targeted backup systems (21% of attacks targeted backups in 2021, compared with 90% in 2025 [1] ). Protecting backups, now also subject to strengthened regulatory requirements such as NIS 2, has therefore…
In 2026, Active Directory remains at the heart of the now hybrid identity infrastructure of most large companies and is still widely used as an on-premises identity provider, even when organisations migrate to the cloud. Wavestone incident response teams note that 38% of attacks begin with…
Subscription hijacking is a cloud attack first identified on Microsoft Azure: it consists of an attacker successfully transferring an Azure subscription from its original Azure organization to an organization under malicious control. This attack allows the attacker to take full…
Classifying an industrial system is a first step; making that classification operational in the field is another matter altogether. This is precisely where version 2.0 of the guide “Industrial Systems Cybersecurity – Detailed Measures”, published on November 27, 2025, positions itself: translating cybersecurity classes into…
