How can the ISO 27001 framework be used to continuously improve the security level? In a previous article, we told you all about the new European NIS directive and Belgium's choice to use the ISO 27001 standard as a basis…
Tag: risk
We have seen in the first part of the article the risks that represent the deepfakes for the businesses. In this part, we are going to focus on the strategies available to pre-empt deepfakes and the concrete actions to implement…
Online media and social networks expand the attack surface usable by the malicious actors, and deepfakes are the ultimate weapon. Well-known as a disinformation tool for the society, they bring about other risks to be considered by businesses. The recent…
We have seen through the previous articles the solutions allowing to initiate the security of Industrial IS. Once this securing has been achieved, the maintenance in security conditions must be ensured as well as the implementation of detection means. Managing…
Un sondage IFOP*, publié en début d’année 2019, révélait que 22% des jeunes avaient déjà fait les frais de « cyber harcèlement » et, selon l'association e-enfance, qui gère le numéro Net Écoute, 2 à 3 enfants par classe seraient…
Enterprise Resource Planning (ERP) applications support businesses’ most critical processes and workflows. As such, it carries many inherent risks—the main ones being internal fraud and human error. And statutory auditors, internal controllers, and auditors, are only too well aware of…
Résultat d’un travail d’envergure porté durant deux ans par l’ANSSI et le Club EBIOS, EBIOS Risk Manager (EBIOS RM) est la nouvelle déclinaison de la méthodologie d’analyse de risque EBIOS. Bien que les principes fondamentaux d’identification des enjeux, des risques…
« Va parler à la maitresse si quelqu’un t’embête à l’école », « Je ne te louerai pas ce DVD, ce film est trop violent pour toi » ou encore le classique « Surtout, ne suis pas un inconnu, même s’il t’offre des bonbons ». On…
Security certification, taking a risk-bases approach to ISS Under the French Military Programming Act (MPL), certification is a mandatory procedure that applies to Vitally Important Operators (VOI). It helps to manage the issues and security levels for all Vitally Important…
On July 6, 2016, the NIS (Network and Information Security) directive went into effect. With only a short time to go until the deadline for transposition (May 9, 2018), discussions about the directive are picking up steam. But what exactly…