We have recently opened the contributions to this blog to start-ups accelerated by our Shake'Up project. Hackuity rethinks vulnerability management with a platform that collects, standardizes and orchestrates automated and manual security assessment practices and enriches them with Cyber Threat…
Tag: risk management
We talked about it in a previous article, the agile digital transformation is on the way and this new model requires a total rethinking of the way security is integrated into projects. In this article, we will discover how to…
The cybersecurity topic requires involvement at all levels of the company, but also and above all with the executive committee! Obviously, management must be an example, but it will also decide on major investments and will know how to unlock…
Security managers often bring us in to evaluate their cybersecurity maturity level. We help firms analyze the return on investment for cybersecurity, properly allocating the budget, comparing level of security to that of others in similar sectors or common standards,…
Nous vous en parlions dans un précédent article, la transformation numérique agile est en marche et ce nouveau modèle impose de totalement revoir sa manière d’intégrer la sécurité dans les projets. Nous allons découvrir dans cet article comment conduire un…
As we’ve seen in the previous article, a serious consideration of "permissions" (also known as rights, authorizations, roles, and access profiles) should significantly reduce the risk of fraud and human error, and contribute to the company’s compliance with relevant legislation.…
Enterprise Resource Planning (ERP) applications support businesses’ most critical processes and workflows. As such, it carries many inherent risks—the main ones being internal fraud and human error. And statutory auditors, internal controllers, and auditors, are only too well aware of…
Résultat d’un travail d’envergure porté durant deux ans par l’ANSSI et le Club EBIOS, EBIOS Risk Manager (EBIOS RM) est la nouvelle déclinaison de la méthodologie d’analyse de risque EBIOS. Bien que les principes fondamentaux d’identification des enjeux, des risques…
Theoretically, when a company is for sale, its potential buyer carries out a preliminary investigation phase to ensure that the company, as advertised in its published documents, is the same in reality. This is otherwise known as due diligence. This…
Le 6 juillet 2016 était publiée la directive européenne NIS (Network Information Security). Issu d’une réflexion commencée en 2013, ce texte ajoute une nouvelle brique au chantier de la sécurisation du marché unique numérique européen. Avec le règlement eIDAS, cette…