[nota bene: this article has been translated to English for accessibility reasons. It does not address UK or US regulations, but only French ones regarding Security Accreditation (“homologation” in French). It is nonetheless useful for any organization wanting to implement…
Category: Cyberrisk Management & Strategy
Since the last edition of the radar, the world has been hit hard by an unprecedented viral pandemic. This has piled on the pressure to fast track digital transformations set in a context of increasingly active cybercriminals and an ever-growing threat. Against…
If we have seen in a previous article the predominance of FAIR in the world of quantification[1], another article published here in early June[2] (detailing the FAIR method in its second part) emphasizes the care to be taken in the…
A few months ago, François LUCQUET and Anaïs ETIENNE told us of the growing interest in quantifying cyber risks[1], but also warned us against going to the path of quantification without prior reflection. Their analysis, which is still relevant, emphasized…
More and more clients request our help regarding their third-party cyber risk management strategy. Indeed, third parties constitute a privileged attack vector. A recent study from Soha Systems showed that 60% of security incidents involve directly or indirectly a supplier.…
Citalid is a French tech startup founded in 2017 that provides CISOs and Risk Managers with a software for quantifying and managing cyber risk. Citalid's highly innovative technology enables its clients to benefit from simulations, metrics and recommendations that are…
As of now, it is interesting to note that it is the real attacks themselves that most easily allow us to quantify the cyber risks, and this by estimating the costs involved. It is estimated that NotPetya, the famous 1-billion-dollar…
This year has been exceptionally trying for individuals, businesses and governments globally. Living and working in a crisis mode introduced an array of challenges, with some firms dealing with them better and faster than others. What is the common denominator?…
Nostalgia, nostalgia... remember security organizations 20 years ago. It couldn't be simpler! The "typical" team was made up of about fifteen people in the ISD operations, all of them passionate about technology: it caused a lot of VLAN, Internet filtering,…
Comment utiliser le cadre de la norme ISO 27001 au service de l’amélioration continue du niveau de sécurité ? Dans un précédent article, on vous racontait tout sur la nouvelle directive européenne NIS et le choix de la Belgique de se…