{"id":4824,"date":"2014-01-06T18:00:58","date_gmt":"2014-01-06T17:00:58","guid":{"rendered":"http:\/\/www.solucominsight.fr\/?p=4824"},"modified":"2019-12-31T11:26:04","modified_gmt":"2019-12-31T10:26:04","slug":"que-souhaiter-pour-la-securite-de-linformation-en-2014","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/","title":{"rendered":"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?"},"content":{"rendered":"<p>2013 aura \u00e9t\u00e9 une ann\u00e9e mouvement\u00e9e pour la s\u00e9curit\u00e9 de l\u2019information. Les \u00e9v\u00e9nements se sont succ\u00e9d\u00e9s \u00e0 une vitesse impressionnante. Les r\u00e9v\u00e9lations de <a title=\"Intelreport - Mandiant\" href=\"http:\/\/intelreport.mandiant.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Mandiant<\/a> sur les moyens d\u2019attaques du c\u00f4t\u00e9 de la Chine ont d\u00e9j\u00e0 pr\u00e8s d\u2019un an et depuis juin, la NSA et Snowden occupent le devant de la sc\u00e8ne. Au-del\u00e0 de ces deux \u00e9v\u00e8nements m\u00e9diatiques, une succession d\u2019annonces, d\u2019attaques ou d\u2019incidents ont rythm\u00e9 l\u2019ann\u00e9e pass\u00e9e.<\/p>\n<p>Apr\u00e8s ces r\u00e9v\u00e9lations, 2014 devra \u00eatre une ann\u00e9e de progression pour la communaut\u00e9 dans son ensemble. Les directions sont connues et les principes partag\u00e9s. N\u00e9anmoins, leur promotion et leur application se feront sur \u00a02014\u00a0!<\/p>\n<p>2013 aura fait avancer la prise de conscience\u2026 Que peut \u2013on souhaiter \u00e0 la s\u00e9curit\u00e9 de l\u2019information 2014\u00a0?<\/p>\n<h2>Une s\u00e9curit\u00e9 plus transparente<\/h2>\n<p>C\u2019est possible\u00a0! L\u2019exemple de l\u2019int\u00e9gration de la reconnaissance biom\u00e9trique \u00e0 l\u2019iPhone 5S le montre. M\u00eame si la solution n\u2019est pas parfaite, elle a permis d\u2019augmenter significativement le niveau de s\u00e9curit\u00e9 des personnes\u00a0 qui n\u2019utilisent pas de code de verrouillage en raison de la g\u00eane qu\u2019il repr\u00e9sente. Au premier rang desquelles on peut citer <a title=\"News cnet - Yahoo's Mayer gives phone passcodes a pass\" href=\"http:\/\/news.cnet.com\/8301-1009_3-57602541-83\/yahoos-mayer-gives-phone-passcodes-a-pass\/\" target=\"_blank\" rel=\"noopener noreferrer\">la PDG de Yahoo, Marisa Meyer<\/a>\u2026<\/p>\n<h2>\u00a0Une s\u00e9curit\u00e9 plus ancr\u00e9e dans le quotidien de la DSI<\/h2>\n<p>Un chemin important reste \u00e0 parcourir pour maintenir une hygi\u00e8ne de base dans le SI. La question de l\u2019application des correctifs et des mises \u00e0 jour en est un exemple frappant. L\u2019ANSSI pousse dans ce sens avec ses 40 r\u00e8gles d\u2019hygi\u00e8ne. Le vote de la loi de Programmation militaire ne fera que renforcer cette orientation pour les structures concern\u00e9es. Et rappelons que <a title=\"Ars technica - How hackers made minced meat of Department of Energy networks\" href=\"http:\/\/arstechnica.com\/security\/2013\/12\/how-hackers-made-minced-meat-of-department-of-energy-networks\/\" target=\"_blank\" rel=\"noopener noreferrer\">m\u00eame les structures les plus vis\u00e9s par des attaques ne sont pas encore toutes au point<\/a> sur ces sujets !<\/p>\n<h2>Une s\u00e9curit\u00e9 mieux appropri\u00e9e par les m\u00e9tiers<\/h2>\n<p>Nous avons assist\u00e9 en 2013 \u00e0 une multiplication des attaques informatiques visant des activit\u00e9s m\u00e9tiers &#8211; comme les <a title=\"SC Magazine - Banks investigate security breach allegations\" href=\"http:\/\/www.scmagazineuk.com\/banks-investigate-security-breach-allegations\/article\/319643\/\" target=\"_blank\" rel=\"noopener noreferrer\">fraudes dans les agences Santander ou RBS<\/a>, le premier <a title=\"blogs.technet - Carberp-based trojan attacking SAP\" href=\"http:\/\/blogs.technet.com\/b\/mmpc\/archive\/2013\/11\/20\/carberp-based-trojan-attacking-sap.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">malware visant SAP<\/a> ou encore les<a title=\"IBT - Global Bank ATM Cyber Heist Earns Criminals $45m in Hours\" href=\"http:\/\/www.ibtimes.co.uk\/cyber-crime-bank-theft-45m-27-countries-466578\" target=\"_blank\" rel=\"noopener noreferrer\"> attaques cibl\u00e9es sur les syst\u00e8mes g\u00e9rant les plafonds de paiements de carte bancaire<\/a>. Elles montrent aux m\u00e9tiers que lorsqu\u2019un incident survient, certes le SI est touch\u00e9, mais les cibles finales sont bien les donn\u00e9es des m\u00e9tiers\u00a0! Ces cas entra\u00eenent des prises de conscience fortes. Nous ne pouvons \u00e9videmment pas souhaiter d\u2019en voir plus, mais esp\u00e9rer que ces incidents auront \u00e9t\u00e9 des aiguillons suffisamment forts pour montrer aux m\u00e9tiers, au-del\u00e0 m\u00eame des entreprises touch\u00e9es, l\u2019importance de leur implication au quotidien.<\/p>\n<h2>Une s\u00e9curit\u00e9 plus \u00e0 m\u00eame de d\u00e9tecter et de r\u00e9agir\u00a0en cas d\u2019incidents<\/h2>\n<p>2013 aura connu son lots d\u2019incidents. Toutes les menaces ont \u00e9t\u00e9 mises sur le devant de la sc\u00e8ne. \u00c9tats avec le rapport APT1 et les <a title=\"The Guardian - NSA\" href=\"http:\/\/www.theguardian.com\/world\/nsa\" target=\"_blank\" rel=\"noopener noreferrer\">r\u00e9v\u00e9lations sur la NSA<\/a>, cybercriminels avec l\u2019arrestation du plusieurs profils de haut niveau (<a title=\"Krebson Security - Meet Paunch: The Accused Author of the BlackHole Exploit Kit\" href=\"http:\/\/krebsonsecurity.com\/2013\/12\/meet-paunch-the-accused-author-of-the-blackhole-exploit-kit\/\" target=\"_blank\" rel=\"noopener noreferrer\">Paunch<\/a> par exemple) et des attaques destructrices (<a title=\"zdnet - South Korea hacks blamed on 'Dark Seoul Gang'\" href=\"http:\/\/www.zdnet.com\/south-korea-hacks-blamed-on-dark-seoul-gang-7000017382\/\" target=\"_blank\" rel=\"noopener noreferrer\">Cor\u00e9e du Sud<\/a>) ou paralysantes (<a title=\"news.techworld - Cryptolocker scrambles eight years of data belonging to US town hall\" href=\"http:\/\/news.techworld.com\/security\/3495635\/cryptolocker-scrambles-eight-years-of-data-belonging-us-town-hall\/\" target=\"_blank\" rel=\"noopener noreferrer\">Cryptolocker<\/a>). Tout ceci montre clairement que les incidents peuvent se produire et qu\u2019il n\u2019est pas toujours possible de les \u00e9viter. Il faut donc se pr\u00e9parer \u00e0 r\u00e9agir efficacement\u00a0!<\/p>\n<h2>Une s\u00e9curit\u00e9 qui anticipe les innovations<\/h2>\n<p>Les \u00e9volutions se succ\u00e8dent dans la soci\u00e9t\u00e9 et la s\u00e9curit\u00e9 doit les accompagner si elle n\u2019arrive pas \u00e0 les devancer. Les objets connect\u00e9s sont aujourd\u2019hui au c\u0153ur de toutes les attentions, et 2013 nous a montr\u00e9 leurs vuln\u00e9rabilit\u00e9s. <a title=\"Saurik - Exploiting a Bug in Google's Glass\" href=\"http:\/\/www.saurik.com\/id\/16\" target=\"_blank\" rel=\"noopener noreferrer\">Lunettes Google Glass<\/a>, voiture Ford ou Toyota, <a title=\"ExtremeTech - Philips Hue LED smart lights hacked, home blacked out by security researcher\" href=\"http:\/\/www.extremetech.com\/electronics\/163972-philips-hue-led-smart-lights-hacked-whole-homes-blacked-out-by-security-researcher\" target=\"_blank\" rel=\"noopener noreferrer\">ampoules Philips Hue<\/a>, drone Parrot, tous ces syst\u00e8mes ont \u00e9t\u00e9 pirat\u00e9s. Et sur ce volet, les efforts de s\u00e9curit\u00e9 doivent \u00eatre r\u00e9alis\u00e9 en amont, en effet, il sera tr\u00e8s complexe de les mettre \u00e0 jour une fois distribu\u00e9s sur le terrain\u00a0!<\/p>\n<p>La plupart des membres de la communaut\u00e9 de la s\u00e9curit\u00e9 de l\u2019information partagent d\u00e9j\u00e0 ces orientations, mais il est bon de les rappeler et de les confirmer afin qu\u2019elles guident nos actions sur 2014\u00a0!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>2013 aura \u00e9t\u00e9 une ann\u00e9e mouvement\u00e9e pour la s\u00e9curit\u00e9 de l\u2019information. Les \u00e9v\u00e9nements se sont succ\u00e9d\u00e9s \u00e0 une vitesse impressionnante. Les r\u00e9v\u00e9lations de Mandiant sur les moyens d\u2019attaques du c\u00f4t\u00e9 de la Chine ont d\u00e9j\u00e0 pr\u00e8s d\u2019un an et depuis&#8230;<\/p>\n","protected":false},"author":15,"featured_media":4333,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3223,36],"tags":[1166,2632,265,327,3302],"coauthors":[837],"class_list":["post-4824","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-next-gen-it-security","category-cybersecurity-digital-trust","tag-anssi","tag-lpm","tag-malware","tag-piratage","tag-security-architecture"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?<\/title>\n<meta name=\"description\" content=\"2013 aura \u00e9t\u00e9 une ann\u00e9e mouvement\u00e9e pour la s\u00e9curit\u00e9 de l\u2019information. Les \u00e9v\u00e9nements se sont succ\u00e9d\u00e9 \u00e0 une vitesse impressionnante. Les r\u00e9v\u00e9lations de Mandiant sur les moyens d\u2019attaques du c\u00f4t\u00e9 de la Chine ont d\u00e9j\u00e0 pr\u00e8s d\u2019un an et depuis juin, la NSA et Snowden occupent le devant de la sc\u00e8ne. Au-del\u00e0 de ces deux \u00e9v\u00e8nements m\u00e9diatiques, une succession d\u2019annonces, d\u2019attaques ou d\u2019incidents ont rythm\u00e9 l\u2019ann\u00e9e pass\u00e9e. Apr\u00e8s ces r\u00e9v\u00e9lations, 2014 devra \u00eatre une ann\u00e9e de progression pour la communaut\u00e9 dans son ensemble. Les directions sont connues et les principes partag\u00e9s. N\u00e9anmoins, leur promotion et leur application se feront sur 2014 ! 2013 aura fait avancer la prise de conscience\u2026 Que peut \u2013on souhaiter \u00e0 la s\u00e9curit\u00e9 de l\u2019information 2014 ?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?\" \/>\n<meta property=\"og:description\" content=\"2013 aura \u00e9t\u00e9 une ann\u00e9e mouvement\u00e9e pour la s\u00e9curit\u00e9 de l\u2019information. Les \u00e9v\u00e9nements se sont succ\u00e9d\u00e9 \u00e0 une vitesse impressionnante. Les r\u00e9v\u00e9lations de Mandiant sur les moyens d\u2019attaques du c\u00f4t\u00e9 de la Chine ont d\u00e9j\u00e0 pr\u00e8s d\u2019un an et depuis juin, la NSA et Snowden occupent le devant de la sc\u00e8ne. Au-del\u00e0 de ces deux \u00e9v\u00e8nements m\u00e9diatiques, une succession d\u2019annonces, d\u2019attaques ou d\u2019incidents ont rythm\u00e9 l\u2019ann\u00e9e pass\u00e9e. Apr\u00e8s ces r\u00e9v\u00e9lations, 2014 devra \u00eatre une ann\u00e9e de progression pour la communaut\u00e9 dans son ensemble. Les directions sont connues et les principes partag\u00e9s. N\u00e9anmoins, leur promotion et leur application se feront sur 2014 ! 2013 aura fait avancer la prise de conscience\u2026 Que peut \u2013on souhaiter \u00e0 la s\u00e9curit\u00e9 de l\u2019information 2014 ?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2014-01-06T17:00:58+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-12-31T10:26:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"828\" \/>\n\t<meta property=\"og:image:height\" content=\"580\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"G\u00e9r\u00f4me Billois\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"G\u00e9r\u00f4me Billois\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/\"},\"author\":{\"name\":\"G\u00e9r\u00f4me Billois\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\"},\"headline\":\"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?\",\"datePublished\":\"2014-01-06T17:00:58+00:00\",\"dateModified\":\"2019-12-31T10:26:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/\"},\"wordCount\":710,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg\",\"keywords\":[\"ANSSI\",\"LPM\",\"malware\",\"piratage\",\"security architecture\"],\"articleSection\":[\"Cloud &amp; Next-Gen IT Security\",\"Cybersecurity &amp; Digital Trust\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/\",\"name\":\"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg\",\"datePublished\":\"2014-01-06T17:00:58+00:00\",\"dateModified\":\"2019-12-31T10:26:04+00:00\",\"description\":\"2013 aura \u00e9t\u00e9 une ann\u00e9e mouvement\u00e9e pour la s\u00e9curit\u00e9 de l\u2019information. Les \u00e9v\u00e9nements se sont succ\u00e9d\u00e9 \u00e0 une vitesse impressionnante. Les r\u00e9v\u00e9lations de Mandiant sur les moyens d\u2019attaques du c\u00f4t\u00e9 de la Chine ont d\u00e9j\u00e0 pr\u00e8s d\u2019un an et depuis juin, la NSA et Snowden occupent le devant de la sc\u00e8ne. Au-del\u00e0 de ces deux \u00e9v\u00e8nements m\u00e9diatiques, une succession d\u2019annonces, d\u2019attaques ou d\u2019incidents ont rythm\u00e9 l\u2019ann\u00e9e pass\u00e9e. Apr\u00e8s ces r\u00e9v\u00e9lations, 2014 devra \u00eatre une ann\u00e9e de progression pour la communaut\u00e9 dans son ensemble. Les directions sont connues et les principes partag\u00e9s. N\u00e9anmoins, leur promotion et leur application se feront sur 2014 ! 2013 aura fait avancer la prise de conscience\u2026 Que peut \u2013on souhaiter \u00e0 la s\u00e9curit\u00e9 de l\u2019information 2014 ?\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg\",\"width\":828,\"height\":580},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\",\"name\":\"G\u00e9r\u00f4me Billois\",\"description\":\"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley &amp; Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?","description":"2013 aura \u00e9t\u00e9 une ann\u00e9e mouvement\u00e9e pour la s\u00e9curit\u00e9 de l\u2019information. Les \u00e9v\u00e9nements se sont succ\u00e9d\u00e9 \u00e0 une vitesse impressionnante. Les r\u00e9v\u00e9lations de Mandiant sur les moyens d\u2019attaques du c\u00f4t\u00e9 de la Chine ont d\u00e9j\u00e0 pr\u00e8s d\u2019un an et depuis juin, la NSA et Snowden occupent le devant de la sc\u00e8ne. Au-del\u00e0 de ces deux \u00e9v\u00e8nements m\u00e9diatiques, une succession d\u2019annonces, d\u2019attaques ou d\u2019incidents ont rythm\u00e9 l\u2019ann\u00e9e pass\u00e9e. Apr\u00e8s ces r\u00e9v\u00e9lations, 2014 devra \u00eatre une ann\u00e9e de progression pour la communaut\u00e9 dans son ensemble. Les directions sont connues et les principes partag\u00e9s. N\u00e9anmoins, leur promotion et leur application se feront sur 2014 ! 2013 aura fait avancer la prise de conscience\u2026 Que peut \u2013on souhaiter \u00e0 la s\u00e9curit\u00e9 de l\u2019information 2014 ?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/","og_locale":"en_US","og_type":"article","og_title":"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?","og_description":"2013 aura \u00e9t\u00e9 une ann\u00e9e mouvement\u00e9e pour la s\u00e9curit\u00e9 de l\u2019information. Les \u00e9v\u00e9nements se sont succ\u00e9d\u00e9 \u00e0 une vitesse impressionnante. Les r\u00e9v\u00e9lations de Mandiant sur les moyens d\u2019attaques du c\u00f4t\u00e9 de la Chine ont d\u00e9j\u00e0 pr\u00e8s d\u2019un an et depuis juin, la NSA et Snowden occupent le devant de la sc\u00e8ne. Au-del\u00e0 de ces deux \u00e9v\u00e8nements m\u00e9diatiques, une succession d\u2019annonces, d\u2019attaques ou d\u2019incidents ont rythm\u00e9 l\u2019ann\u00e9e pass\u00e9e. Apr\u00e8s ces r\u00e9v\u00e9lations, 2014 devra \u00eatre une ann\u00e9e de progression pour la communaut\u00e9 dans son ensemble. Les directions sont connues et les principes partag\u00e9s. N\u00e9anmoins, leur promotion et leur application se feront sur 2014 ! 2013 aura fait avancer la prise de conscience\u2026 Que peut \u2013on souhaiter \u00e0 la s\u00e9curit\u00e9 de l\u2019information 2014 ?","og_url":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/","og_site_name":"RiskInsight","article_published_time":"2014-01-06T17:00:58+00:00","article_modified_time":"2019-12-31T10:26:04+00:00","og_image":[{"width":828,"height":580,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg","type":"image\/jpeg"}],"author":"G\u00e9r\u00f4me Billois","twitter_misc":{"Written by":"G\u00e9r\u00f4me Billois","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/"},"author":{"name":"G\u00e9r\u00f4me Billois","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17"},"headline":"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?","datePublished":"2014-01-06T17:00:58+00:00","dateModified":"2019-12-31T10:26:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/"},"wordCount":710,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg","keywords":["ANSSI","LPM","malware","piratage","security architecture"],"articleSection":["Cloud &amp; Next-Gen IT Security","Cybersecurity &amp; Digital Trust"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/","url":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/","name":"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg","datePublished":"2014-01-06T17:00:58+00:00","dateModified":"2019-12-31T10:26:04+00:00","description":"2013 aura \u00e9t\u00e9 une ann\u00e9e mouvement\u00e9e pour la s\u00e9curit\u00e9 de l\u2019information. Les \u00e9v\u00e9nements se sont succ\u00e9d\u00e9 \u00e0 une vitesse impressionnante. Les r\u00e9v\u00e9lations de Mandiant sur les moyens d\u2019attaques du c\u00f4t\u00e9 de la Chine ont d\u00e9j\u00e0 pr\u00e8s d\u2019un an et depuis juin, la NSA et Snowden occupent le devant de la sc\u00e8ne. Au-del\u00e0 de ces deux \u00e9v\u00e8nements m\u00e9diatiques, une succession d\u2019annonces, d\u2019attaques ou d\u2019incidents ont rythm\u00e9 l\u2019ann\u00e9e pass\u00e9e. Apr\u00e8s ces r\u00e9v\u00e9lations, 2014 devra \u00eatre une ann\u00e9e de progression pour la communaut\u00e9 dans son ensemble. Les directions sont connues et les principes partag\u00e9s. N\u00e9anmoins, leur promotion et leur application se feront sur 2014 ! 2013 aura fait avancer la prise de conscience\u2026 Que peut \u2013on souhaiter \u00e0 la s\u00e9curit\u00e9 de l\u2019information 2014 ?","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/fotolia_37787474_S1.jpg","width":828,"height":580},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/01\/que-souhaiter-pour-la-securite-de-linformation-en-2014\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Que souhaiter pour la s\u00e9curit\u00e9 de l\u2019information en 2014 ?"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17","name":"G\u00e9r\u00f4me Billois","description":"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley &amp; Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/4824","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=4824"}],"version-history":[{"count":8,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/4824\/revisions"}],"predecessor-version":[{"id":12441,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/4824\/revisions\/12441"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/4333"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=4824"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=4824"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=4824"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=4824"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}