{"id":5133,"date":"2014-02-24T17:18:36","date_gmt":"2014-02-24T16:18:36","guid":{"rendered":"http:\/\/www.solucominsight.fr\/?p=5133"},"modified":"2020-01-02T10:56:42","modified_gmt":"2020-01-02T09:56:42","slug":"attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/","title":{"rendered":"Attaquer son propre SI : un moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9"},"content":{"rendered":"<p>Les entreprises font preuve d\u2019une certaine maturit\u00e9 en termes <a title=\"Dispositifs de gestion de crise et s\u00e9curit\u00e9 des SI : que font les grands comptes fran\u00e7ais ?\" href=\"http:\/\/www.solucominsight.fr\/2013\/11\/dispositifs-de-gestion-de-crise-et-securite-des-si-que-font-les-grands-comptes-francais\/\">d\u2019organisation de gestion de crise S\u00e9curit\u00e9 du Syst\u00e8me d\u2019Information (SSI)<\/a> : existence de cellules de gestion de crise, tenue d\u2019exercices de crise r\u00e9guliers\u2026 Pourtant, la d\u00e9tection et la qualification des crises SSI ne sont que rarement \u00e9prouv\u00e9es, ceci malgr\u00e9 leur importance au sein du dispositif global.<\/p>\n<p>Et pourtant, le temps est un facteur cl\u00e9 dans la gestion de toute crise. Dans le cas d\u2019une crise S\u00e9curit\u00e9 SI, une d\u00e9tection et une remont\u00e9e d\u2019alerte tardive auront des impacts importants pour l\u2019organisation (cf. notre synth\u00e8se<a title=\"Synth\u00e8se cybercriminalit\u00e9\" href=\"http:\/\/www.solucom.fr\/publication\/synthese-n47-cybercriminalite-comment-agir-aujourdhui\/\" target=\"_blank\" rel=\"noopener noreferrer\"> \u00ab Cybercriminalit\u00e9, comment agir d\u00e8s aujourd\u2019hui \u00bb<\/a>). Pour cette raison, mettre en place et \u00e9prouver les outils et processus de ces phases est un enjeu fondamental pour la fili\u00e8re SSI. Suite \u00e0 la mise en place d\u2019une organisation de gestion de crise SSI, l\u2019exercice \u00ab sur table \u00bb constitue un premier niveau de test permettant de valider une proc\u00e9dure sur son principe mais les conclusions en termes d\u2019efficacit\u00e9 du dispositif sont limit\u00e9es. Il convient donc d\u2019aller plus loin dans le r\u00e9alisme en simulant \u00e0 la fois l\u2019aspect technique et le facteur de surprise engendr\u00e9 par une attaque.<\/p>\n<h2>Exercice cybercriminalit\u00e9 : mimer les sympt\u00f4mes et les comportements d\u2019une vraie attaque<\/h2>\n<p>Pour se rapprocher d\u2019un cas r\u00e9el, la meilleure solution reste de simuler techniquement des sympt\u00f4mes au bon niveau :<\/p>\n<ul>\n<li>\u00a0Des stimulations \u00ab faibles \u00bb, repr\u00e9sentatives d\u2019une attaque, pour tester la d\u00e9tection par l\u2019outillage et les processus en place<\/li>\n<li>\u00a0Des stimulations \u00ab fortes \u00bb, plus d\u00e9tectables, afin de susciter une r\u00e9action et pouvoir tester la bonne sensibilisation des acteurs cibl\u00e9s<\/li>\n<\/ul>\n<p>Les attaques cibl\u00e9es subies par nos clients s\u2019\u00e9tendent g\u00e9n\u00e9ralement sur plusieurs semaines voire mois. Afin d\u2019en mimer la dynamique, ces stimulations pourront donc s\u2019\u00e9taler sur plusieurs jours.<\/p>\n<p>Adopter une telle d\u00e9marche permettra aux collaborateurs participants \u00e0 l\u2019exercice d\u2019appr\u00e9hender les signaux faibles d\u2019un incident de s\u00e9curit\u00e9 majeur qui restent souvent peu concrets pour eux.<\/p>\n<h2>Et m\u00eame organiser un exercice impromptu !<\/h2>\n<p>Pour aller plus loin, une fois que l\u2019organisation aura \u00e9t\u00e9 sensibilis\u00e9e \u00e0 la d\u00e9tection et au traitement d\u2019incident SSI, la r\u00e9alisation d\u2019un exercice techniquement simul\u00e9, sans pr\u00e9venir les acteurs cibl\u00e9s, permet de se rapprocher encore davantage d\u2019un cas r\u00e9el. Cette m\u00e9thode pr\u00e9sente de nombreux avantages :<\/p>\n<ul>\n<li>L\u2019\u00e9valuation de la capacit\u00e9 de d\u00e9tection de sympt\u00f4mes types d\u2019un incident s\u00e9curit\u00e9<\/li>\n<li>La v\u00e9rification de la connaissance et de la bonne application des proc\u00e9dures de s\u00e9curit\u00e9, les collaborateurs cibl\u00e9s n\u2019ayant pas n\u00e9cessairement le r\u00e9flexe de s\u2019y r\u00e9f\u00e9rer<\/li>\n<li>La mise \u00e0 l\u2019\u00e9preuve des circuits de remont\u00e9e d\u2019alerte d\u00e9finis, les collaborateurs cibl\u00e9s ayant le plus souvent recours \u00e0 la solution la plus naturelle pour eux.<\/li>\n<\/ul>\n<p>En contrepartie, ce type d\u2019exercice demande une pr\u00e9paration logistique plus pouss\u00e9e. En premier lieu, il s\u2019agit d\u2019\u00e9viter que les acteurs cibl\u00e9s lancent des actions de traitement de l\u2019incident susceptibles de perturber la production. Pour ce faire, il est souhaitable de mobiliser des complices au sein du management qui seront en charge de surveiller et contr\u00f4ler le bon d\u00e9roul\u00e9 des \u00e9v\u00e8nements. En compl\u00e9ment, il conviendra de bien pr\u00e9ciser le contexte RH de la d\u00e9marche afin de ne pas susciter une r\u00e9action n\u00e9gative de l\u2019utilisateur \u00e9valu\u00e9 \u00e0 son insu. Une consultation des IRP est conseill\u00e9e avant d\u2019entreprendre un tel exercice au sein de l\u2019organisation.<\/p>\n<h2>L\u2019exercice de gestion de crise cybercriminalit\u00e9 : un levier de sensibilisation efficace pour la fonction SSI<\/h2>\n<p>Ce type d\u2019exercice est riche d\u2019enseignements pour la fonction SSI. Il est un r\u00e9v\u00e9lateur de failles dans les dispositifs de d\u00e9tection et d\u2019alerte. Il est surtout un formidable vecteur de sensibilisation des utilisateurs. Suite \u00e0 un tel exercice, la perception de la s\u00e9curit\u00e9 change fondamentalement : initialement ressentie comme une contrainte, elle devient un besoin exprim\u00e9 directement par les utilisateurs impliqu\u00e9s.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Les entreprises font preuve d\u2019une certaine maturit\u00e9 en termes d\u2019organisation de gestion de crise S\u00e9curit\u00e9 du Syst\u00e8me d\u2019Information (SSI) : existence de cellules de gestion de crise, tenue d\u2019exercices de crise r\u00e9guliers\u2026 Pourtant, la d\u00e9tection et la qualification des crises&#8230;<\/p>\n","protected":false},"author":16,"featured_media":6182,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[36,3225],"tags":[],"coauthors":[804],"class_list":["post-5133","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-ethical-hacking-indicent-response"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Attaquer son propre SI : une moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9 - solucomINSIGHT<\/title>\n<meta name=\"description\" content=\"Les entreprises font preuve d\u2019une certaine maturit\u00e9 en termes d\u2019organisation de gestion de crise S\u00e9curit\u00e9 du Syst\u00e8me d\u2019Information (SSI) : existence de cellules de gestion de crise, tenue d\u2019exercices de crise r\u00e9guliers\u2026 Pourtant, la d\u00e9tection et la qualification des crises SSI ne sont que rarement \u00e9prouv\u00e9es, ceci malgr\u00e9 leur importance au sein du dispositif global.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Attaquer son propre SI : une moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9 - solucomINSIGHT\" \/>\n<meta property=\"og:description\" content=\"Les entreprises font preuve d\u2019une certaine maturit\u00e9 en termes d\u2019organisation de gestion de crise S\u00e9curit\u00e9 du Syst\u00e8me d\u2019Information (SSI) : existence de cellules de gestion de crise, tenue d\u2019exercices de crise r\u00e9guliers\u2026 Pourtant, la d\u00e9tection et la qualification des crises SSI ne sont que rarement \u00e9prouv\u00e9es, ceci malgr\u00e9 leur importance au sein du dispositif global.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2014-02-24T16:18:36+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-02T09:56:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"1393\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Rapha\u00ebl Brun\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rapha\u00ebl Brun\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/\"},\"author\":{\"name\":\"Rapha\u00ebl Brun\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/45dd574ed29861f917c3763e0fbcb494\"},\"headline\":\"Attaquer son propre SI : un moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9\",\"datePublished\":\"2014-02-24T16:18:36+00:00\",\"dateModified\":\"2020-01-02T09:56:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/\"},\"wordCount\":710,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg\",\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Ethical Hacking &amp; Incident Response\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/\",\"name\":\"Attaquer son propre SI : une moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9 - solucomINSIGHT\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg\",\"datePublished\":\"2014-02-24T16:18:36+00:00\",\"dateModified\":\"2020-01-02T09:56:42+00:00\",\"description\":\"Les entreprises font preuve d\u2019une certaine maturit\u00e9 en termes d\u2019organisation de gestion de crise S\u00e9curit\u00e9 du Syst\u00e8me d\u2019Information (SSI) : existence de cellules de gestion de crise, tenue d\u2019exercices de crise r\u00e9guliers\u2026 Pourtant, la d\u00e9tection et la qualification des crises SSI ne sont que rarement \u00e9prouv\u00e9es, ceci malgr\u00e9 leur importance au sein du dispositif global.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg\",\"width\":1500,\"height\":1393},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Attaquer son propre SI : un moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/45dd574ed29861f917c3763e0fbcb494\",\"name\":\"Rapha\u00ebl Brun\",\"description\":\"Rapha\u00ebl BRUN is a Senior Manager at Wavestone within the Cybersecurity and Digital Trust practice. He graduated from the University of Technology of Troyes in France in 2008. He has expertise in crisis management, business continuity management and cybersecurity governance, developed over 10 years of experience. Raphael is also a seasoned speaker about data privacy: he addresses this topic on a regular basis on Insurance Speaker or Risk Insight.\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/raphael-brun\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Attaquer son propre SI : une moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9 - solucomINSIGHT","description":"Les entreprises font preuve d\u2019une certaine maturit\u00e9 en termes d\u2019organisation de gestion de crise S\u00e9curit\u00e9 du Syst\u00e8me d\u2019Information (SSI) : existence de cellules de gestion de crise, tenue d\u2019exercices de crise r\u00e9guliers\u2026 Pourtant, la d\u00e9tection et la qualification des crises SSI ne sont que rarement \u00e9prouv\u00e9es, ceci malgr\u00e9 leur importance au sein du dispositif global.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/","og_locale":"en_US","og_type":"article","og_title":"Attaquer son propre SI : une moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9 - solucomINSIGHT","og_description":"Les entreprises font preuve d\u2019une certaine maturit\u00e9 en termes d\u2019organisation de gestion de crise S\u00e9curit\u00e9 du Syst\u00e8me d\u2019Information (SSI) : existence de cellules de gestion de crise, tenue d\u2019exercices de crise r\u00e9guliers\u2026 Pourtant, la d\u00e9tection et la qualification des crises SSI ne sont que rarement \u00e9prouv\u00e9es, ceci malgr\u00e9 leur importance au sein du dispositif global.","og_url":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/","og_site_name":"RiskInsight","article_published_time":"2014-02-24T16:18:36+00:00","article_modified_time":"2020-01-02T09:56:42+00:00","og_image":[{"width":1500,"height":1393,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg","type":"image\/jpeg"}],"author":"Rapha\u00ebl Brun","twitter_misc":{"Written by":"Rapha\u00ebl Brun","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/"},"author":{"name":"Rapha\u00ebl Brun","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/45dd574ed29861f917c3763e0fbcb494"},"headline":"Attaquer son propre SI : un moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9","datePublished":"2014-02-24T16:18:36+00:00","dateModified":"2020-01-02T09:56:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/"},"wordCount":710,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg","articleSection":["Cybersecurity &amp; Digital Trust","Ethical Hacking &amp; Incident Response"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/","url":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/","name":"Attaquer son propre SI : une moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9 - solucomINSIGHT","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg","datePublished":"2014-02-24T16:18:36+00:00","dateModified":"2020-01-02T09:56:42+00:00","description":"Les entreprises font preuve d\u2019une certaine maturit\u00e9 en termes d\u2019organisation de gestion de crise S\u00e9curit\u00e9 du Syst\u00e8me d\u2019Information (SSI) : existence de cellules de gestion de crise, tenue d\u2019exercices de crise r\u00e9guliers\u2026 Pourtant, la d\u00e9tection et la qualification des crises SSI ne sont que rarement \u00e9prouv\u00e9es, ceci malgr\u00e9 leur importance au sein du dispositif global.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2014\/02\/ouverture-risques-mopic-fotolia.com_.jpg","width":1500,"height":1393},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/2014\/02\/attaquer-son-propre-si-un-moyen-pour-se-preparer-a-une-crise-cybercriminalite\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Attaquer son propre SI : un moyen pour se pr\u00e9parer \u00e0 une crise cybercriminalit\u00e9"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/45dd574ed29861f917c3763e0fbcb494","name":"Rapha\u00ebl Brun","description":"Rapha\u00ebl BRUN is a Senior Manager at Wavestone within the Cybersecurity and Digital Trust practice. He graduated from the University of Technology of Troyes in France in 2008. He has expertise in crisis management, business continuity management and cybersecurity governance, developed over 10 years of experience. Raphael is also a seasoned speaker about data privacy: he addresses this topic on a regular basis on Insurance Speaker or Risk Insight.","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/raphael-brun\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/5133","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=5133"}],"version-history":[{"count":10,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/5133\/revisions"}],"predecessor-version":[{"id":12530,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/5133\/revisions\/12530"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/6182"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=5133"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=5133"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=5133"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=5133"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}