{"id":2149,"date":"2012-08-28T09:30:24","date_gmt":"2012-08-28T08:30:24","guid":{"rendered":"http:\/\/www.solucominsight.fr\/?p=2149"},"modified":"2019-12-30T17:47:54","modified_gmt":"2019-12-30T16:47:54","slug":"externaliser-la-securite-oui-mais-dans-quel-objectif","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/","title":{"rendered":"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ?"},"content":{"rendered":"

La s\u00e9curit\u00e9 suit aujourd\u2019hui la tendance g\u00e9n\u00e9rale qui vise \u00e0 externaliser de nombreuses fonctions du p\u00e9rim\u00e8tre historique du SI (messagerie, applications m\u00e9tiers\u2026).<\/p>\n

Force est de constater que la s\u00e9curit\u00e9 n\u2019est plus un frein \u00e0 sa propre externalisation. Les principaux risques que craignaient les RSSI il y a encore quelques ann\u00e9es peuvent d\u00e9sormais \u00eatre ma\u00eetris\u00e9s. \u00a0\u00c0 condition bien entendu de respecter quelques r\u00e8gles d\u2019or accept\u00e9es par la plupart des fournisseurs : engagement de r\u00e9versibilit\u00e9, clauses d\u2019audit, m\u00e9canismes de suivi des SLA et certifications des fournisseurs …<\/p>\n

Le RSSI n\u2019a que l\u2019embarras du choix : il est aujourd\u2019hui possible d\u2019externaliser quasiment tous les services imaginables en termes de s\u00e9curit\u00e9 op\u00e9rationnelle. Mais alors que doit-on externaliser, et pourquoi\u00a0?<\/p>\n

Externaliser pour rationaliser<\/strong><\/h2>\n

Depuis des ann\u00e9es, les entreprises font appel aux MSSP (Managed Security Service Providers) <\/em>pour g\u00e9rer leurs infrastructures s\u00e9curit\u00e9\u00a0: management du parc de firewalls, surveillance des consoles anti-virus et des IDS\u2026<\/p>\n

Ces fournisseurs, tirant partie de leurs nombreux retours d\u2019exp\u00e9rience, proposent aujourd\u2019hui des offres totalement packag\u00e9es et industrialis\u00e9es. La mutualisation de leurs ressources et processus permet d\u2019optimiser les co\u00fbts, \u00e0 tel point qu\u2019aujourd\u2019hui les business case<\/em> penchent quasi-syst\u00e9matiquement en faveur de l\u2019externalisation\u00a0!<\/p>\n

Et l\u2019industrialisation pourrait encore aller plus loin\u2026 avec le march\u00e9 des SecAAS (Security-as-a-Service)<\/em>. Ces \u00ab\u00a0nouveaux entrants\u00a0\u00bb ne se limitent pas \u00e0 la gestion des infrastructures, mais fournissent directement des mesures de protection dans le Cloud (filtrage web, messagerie s\u00e9curis\u00e9e, authentification forte\u2026). Leurs clients peuvent ainsi b\u00e9n\u00e9ficier de tous les avantages h\u00e9rit\u00e9s du Cloud (mutualisation, optimisation, flexibilit\u00e9\u2026) tout en r\u00e9duisant le co\u00fbt de l\u2019exploitation de leur infrastructure.<\/p>\n

Externaliser pour mieux se prot\u00e9ger<\/strong><\/h2>\n

Paradoxalement, l\u2019externalisation peut m\u00eame avoir comme objectif premier d\u2019augmenter le niveau de s\u00e9curit\u00e9… en tirant partie de la vision globale, inter-clients, des MSSP.<\/p>\n

Il s\u2019agit de confier \u00e0 un MSSP la surveillance de l\u2019infrastructure s\u00e9curit\u00e9, qui lui-m\u00eame dispose d\u2019une vue sans pareille sur l\u2019actualit\u00e9 du monde de la cybercriminalit\u00e9. En effet, les grandes entreprises doivent d\u00e9sormais conna\u00eetre les nouvelles menaces en temps r\u00e9el et \u00eatre en capacit\u00e9 de r\u00e9agir en cas d\u2019attaque. Une cons\u00e9quence \u00e9vidente de l\u2019\u00e9volution des attaques constat\u00e9e ces derni\u00e8res ann\u00e9es.<\/p>\n

Les MSSP leaders du march\u00e9 ont compris l\u2019importance de ce changement et ont structur\u00e9 leurs offres autour de leurs connaissances du monde de la cybercriminalit\u00e9 (affiliation aux r\u00e9seaux de CERT, pr\u00e9sence sur les forums underground, d\u00e9ploiement de r\u00e9seaux de sondes dans le monde\u2026).<\/p>\n

La surveillance des infrastructures de leurs clients ne se limite plus \u00e0 l\u2019administration d\u2019outils SIEM (Security Information and Events Management)<\/em>\u00a0: les filtres de surveillance sont mis \u00e0 jour au fil de l\u2019actualit\u00e9, sans se limiter aux comportements d\u00e9finis pr\u00e9alablement avec leur client. De m\u00eame, les activit\u00e9s historiques de veille et de tests de vuln\u00e9rabilit\u00e9s sont largement compl\u00e9t\u00e9es : les vuln\u00e9rabilit\u00e9s des clients sont d\u00e9sormais analys\u00e9es en connaissance des menaces r\u00e9elles et la surveillance peut \u00eatre adapt\u00e9e tant que la vuln\u00e9rabilit\u00e9 n\u2019est pas corrig\u00e9e.<\/p>\n

La valeur ajout\u00e9e s\u00e9curit\u00e9 est \u00e9vidente\u00a0: les clients b\u00e9n\u00e9ficient d\u2019une mise \u00e0 jour constante de leur niveau de s\u00e9curit\u00e9. Bien entendu, plus le nombre de clients du MSSP est \u00e9lev\u00e9, plus le service devient pertinent. Il n\u2019est donc pas surprenant que le march\u00e9 soit aujourd\u2019hui domin\u00e9 par les grands fournisseurs anglo-saxons. Mais peut-\u00eatre pas pour longtemps, ces derniers \u00e9tant bouscul\u00e9s depuis quelques temps par les groupes Indiens qui tendent aujourd\u2019hui vers des services performants avec des prix plus comp\u00e9titifs.<\/p>\n

Externaliser pour encore plus de valeur ajout\u00e9e<\/strong><\/h2>\n

Les services propos\u00e9s par les MSSP tendent \u00e0 s\u2019homog\u00e9n\u00e9iser\u2026 voire m\u00eame \u00e0 se standardiser. Il est de plus en plus complexe de n\u00e9gocier des SLA particuliers, ou d\u2019exiger des ressources sp\u00e9cifiques ou d\u00e9di\u00e9es.<\/p>\n

Cette approche mutualis\u00e9e est tr\u00e8s efficace tant que les services portent sur la s\u00e9curit\u00e9 des infrastructures, cependant elle est fortement limit\u00e9e lorsqu\u2019il s\u2019agit de prot\u00e9ger les besoins m\u00e9tiers sp\u00e9cifiques. Le \u00ab\u00a0sur-mesure\u00a0\u00bb est indispensable pour lutter contre les menaces les plus avanc\u00e9es et pour prot\u00e9ger de mani\u00e8re fine les applications critiques de l\u2019entreprise.<\/p>\n

Aujourd\u2019hui il n\u2019existe pas d\u2019acteurs majeurs capables de surveiller les applications ou de d\u00e9tecter les fuites d\u2019information avec une vision m\u00e9tier. Peut-\u00eatre ce march\u00e9 est-il \u00e0 la port\u00e9e des MSSP fran\u00e7ais qui restent assez proches de leurs clients, avec des offres encore adaptables\u00a0?<\/p>\n

Il est donc \u00e0 la fois possible d\u2019optimiser ses co\u00fbts et d\u2019augmenter son niveau de s\u00e9curit\u00e9 en externalisant la s\u00e9curit\u00e9 des infrastructures. En revanche, sur le terrain de la s\u00e9curit\u00e9 applicative\u2026 les clients devront encore attendre\u00a0! Les fournisseurs externes sont en effet encore trop loin des enjeux m\u00e9tiers de leurs clients.<\/p>\n","protected":false},"excerpt":{"rendered":"

La s\u00e9curit\u00e9 suit aujourd\u2019hui la tendance g\u00e9n\u00e9rale qui vise \u00e0 externaliser de nombreuses fonctions du p\u00e9rim\u00e8tre historique du SI (messagerie, applications m\u00e9tiers\u2026). Force est de constater que la s\u00e9curit\u00e9 n\u2019est plus un frein \u00e0 sa propre externalisation. Les principaux risques…<\/p>\n","protected":false},"author":226,"featured_media":6344,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3222,36,35],"tags":[57,610,613],"coauthors":[1458],"class_list":["post-2149","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyberrisk-management-strategy","category-cybersecurity-digital-trust","category-strategie-projets-it","tag-externalisation","tag-secaas","tag-siem"],"acf":[],"yoast_head":"\nExternaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ? - RiskInsight<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ? - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"La s\u00e9curit\u00e9 suit aujourd\u2019hui la tendance g\u00e9n\u00e9rale qui vise \u00e0 externaliser de nombreuses fonctions du p\u00e9rim\u00e8tre historique du SI (messagerie, applications m\u00e9tiers\u2026). Force est de constater que la s\u00e9curit\u00e9 n\u2019est plus un frein \u00e0 sa propre externalisation. Les principaux risques...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2012-08-28T08:30:24+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-12-30T16:47:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"573\" \/>\n\t<meta property=\"og:image:height\" content=\"214\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"SolucomINSIGHT\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"SolucomINSIGHT\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/\"},\"author\":{\"name\":\"SolucomINSIGHT\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/db6adc4938259b49b2bfa661026ca1f5\"},\"headline\":\"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ?\",\"datePublished\":\"2012-08-28T08:30:24+00:00\",\"dateModified\":\"2019-12-30T16:47:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/\"},\"wordCount\":873,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\",\"keywords\":[\"externalisation\",\"SecAAS\",\"SIEM\"],\"articleSection\":[\"Cyberrisk Management & Strategy\",\"Cybersecurity & Digital Trust\",\"M\u00e9tiers - Strat\u00e9gie & projets IT\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/\",\"name\":\"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ? - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\",\"datePublished\":\"2012-08-28T08:30:24+00:00\",\"dateModified\":\"2019-12-30T16:47:54+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\",\"width\":573,\"height\":214},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity & digital trust blog by Wavestone's consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/db6adc4938259b49b2bfa661026ca1f5\",\"name\":\"SolucomINSIGHT\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/solucominsight\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ? - RiskInsight","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/","og_locale":"en_US","og_type":"article","og_title":"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ? - RiskInsight","og_description":"La s\u00e9curit\u00e9 suit aujourd\u2019hui la tendance g\u00e9n\u00e9rale qui vise \u00e0 externaliser de nombreuses fonctions du p\u00e9rim\u00e8tre historique du SI (messagerie, applications m\u00e9tiers\u2026). Force est de constater que la s\u00e9curit\u00e9 n\u2019est plus un frein \u00e0 sa propre externalisation. Les principaux risques...","og_url":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/","og_site_name":"RiskInsight","article_published_time":"2012-08-28T08:30:24+00:00","article_modified_time":"2019-12-30T16:47:54+00:00","og_image":[{"width":573,"height":214,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","type":"image\/jpeg"}],"author":"SolucomINSIGHT","twitter_misc":{"Written by":"SolucomINSIGHT","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/"},"author":{"name":"SolucomINSIGHT","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/db6adc4938259b49b2bfa661026ca1f5"},"headline":"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ?","datePublished":"2012-08-28T08:30:24+00:00","dateModified":"2019-12-30T16:47:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/"},"wordCount":873,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","keywords":["externalisation","SecAAS","SIEM"],"articleSection":["Cyberrisk Management & Strategy","Cybersecurity & Digital Trust","M\u00e9tiers - Strat\u00e9gie & projets IT"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/","url":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/","name":"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ? - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","datePublished":"2012-08-28T08:30:24+00:00","dateModified":"2019-12-30T16:47:54+00:00","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","width":573,"height":214},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/2012\/08\/externaliser-la-securite-oui-mais-dans-quel-objectif\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Externaliser la s\u00e9curit\u00e9, oui mais dans quel objectif ?"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity & digital trust blog by Wavestone's consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/db6adc4938259b49b2bfa661026ca1f5","name":"SolucomINSIGHT","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/solucominsight\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/2149","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/226"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=2149"}],"version-history":[{"count":7,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/2149\/revisions"}],"predecessor-version":[{"id":6384,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/2149\/revisions\/6384"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/6344"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=2149"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=2149"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=2149"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=2149"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}