{"id":762,"date":"2011-10-04T17:12:06","date_gmt":"2011-10-04T16:12:06","guid":{"rendered":"http:\/\/www.solucominsight.fr\/?p=762"},"modified":"2019-12-31T12:24:48","modified_gmt":"2019-12-31T11:24:48","slug":"nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/","title":{"rendered":"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ?"},"content":{"rendered":"

Minist\u00e8re des Finances, Google, Sony, RSA, secteur p\u00e9trolier\/\u00e9nergie, entit\u00e9s gouvernementales\u2026autant d\u2019acteurs qui ont en commun d\u2019avoir \u00e9t\u00e9 victimes d\u2019attaques informatiques. Ces derni\u00e8res ont d\u00e9fray\u00e9 la chronique, faisant les grands titres des m\u00e9dias g\u00e9n\u00e9ralistes et \u00e9conomiques. Elles ont souvent g\u00e9n\u00e9r\u00e9 des pertes sonnantes et tr\u00e9buchantes : 170 millions de dollars pour Sony, 66 millions de dollars pour RSA ; sans compter l\u2019impact d\u2019image. Au-del\u00e0 de cette explosion du nombre de cas, se cache une r\u00e9alit\u00e9 complexe avec des points saillants aujourd\u2019hui bien identifi\u00e9s.<\/p>\n

Tout d\u2019abord, les attaques ne visent plus uniquement les entit\u00e9s gouvernementales ou leurs sous-traitants et leurs fameux \u00ab secret d\u00e9fense \u00bb. Les entreprises sont aujourd\u2019hui la cible, soit pour les donn\u00e9es de leurs clients, soit pour leurs propres donn\u00e9es (strat\u00e9gie, R&D, accords commerciaux…). Le ph\u00e9nom\u00e8ne est mondial et la France est concern\u00e9e, m\u00eame si cela est moins visible. Tous les secteurs d\u2019activit\u00e9s sont touch\u00e9s sans distinction.<\/p>\n

Mais au-del\u00e0 de ce buzz <\/em>m\u00e9diatique, que retenir de l\u2019\u00e9volution de la s\u00e9curit\u00e9 de l\u2019information sur ces 12 derniers mois ? Et que doit r\u00e9pondre le RSSI \u00e0 sa direction g\u00e9n\u00e9rale qui l\u2019interroge de plus en plus fr\u00e9quemment sur ces affaires ?<\/p>\n

Diffuses, opportunistes ou cibl\u00e9es : savoir reconna\u00eetre les attaques<\/strong><\/p>\n

L\u2019analyse des \u00e9v\u00e8nements r\u00e9cents fait ressortir trois diff\u00e9rents types d\u2019attaques. La premi\u00e8re cat\u00e9gorie, \u00ab historique \u00bb, correspond aux habituelles infections virales ou encore au spam. <\/strong>Il s\u2019agit d\u2019attaques diffuses<\/strong>. Ne visant pas une organisation en particulier, ces attaques vont avoir un effet n\u00e9faste sur le SI : d\u00e9ni de service, perte de donn\u00e9es utilisateurs\u2026<\/p>\n

Ces attaques sont souvent simples \u00e0 \u00e9viter et simples \u00e0 juguler. Elles ont marqu\u00e9 les entreprises d\u00e8s les ann\u00e9es 2000 pour conna\u00eetre leur derni\u00e8re it\u00e9ration majeure avec Conficker <\/em>en 2008. Celles-ci ne seront pas abord\u00e9es dans la suite de l\u2019article.<\/p>\n

La deuxi\u00e8me cat\u00e9gorie, l\u2019attaque opportuniste, est \u00e0 but lucratif ou id\u00e9ologique. <\/strong>Elle vise soit \u00e0 capturer de l\u2019information facilement monnayable (donn\u00e9es des clients, donn\u00e9es de cartes bancaires, etc.), soit \u00e0 avoir un effet m\u00e9diatique important (d\u00e9ni de service distribu\u00e9 ou defacement <\/em>de sites web publics, vols de donn\u00e9es lambda ensuite publi\u00e9es sur internet, etc.). Elle ne rel\u00e8ve souvent pas d\u2019un haut niveau de technicit\u00e9 et ses auteurs ne cherchent pas \u00e0 nuire \u00e0 tout prix \u00e0 une organisation donn\u00e9e. Aussi, si l\u2019une est plus s\u00e9curis\u00e9e qu\u2019une autre, ils passeront leur chemin pour se jeter sur la proie la plus facile. Ce sc\u00e9nario est \u00e9galement majoritairement vrai pour les attaques \u00ab id\u00e9ologiques \u00bb. Il s\u2019agit pour des groupes comme Lulzsec ou Anonymous de capturer, l\u00e0 o\u00f9 c\u2019est facile, des donn\u00e9es per\u00e7ues comme sensibles et de les rendre publiques. La quasi-totalit\u00e9 de leurs attaques ont \u00e9t\u00e9 rendues possibles par des manques criants de s\u00e9curit\u00e9 et des failles extr\u00eamement simples dans les syst\u00e8mes des organisations vis\u00e9es.<\/p>\n

La troisi\u00e8me cat\u00e9gorie correspond \u00e0 l\u2019attaque cibl\u00e9e. <\/strong>Celle-ci vise des informations sensibles et pr\u00e9cises dans l\u2019organisation. Ses auteurs sont mandat\u00e9s pour viser une entit\u00e9 en particulier avec un objectif clair. Ils disposent de temps pour comprendre et analyser l\u2019organisation, pr\u00e9parent des sc\u00e9narios d\u2019attaques et utilisent tous les moyens \u00e0 leur disposition, techniques comme humains, internes comme externes, simples comme complexes, afin d\u2019atteindre leur but. Le niveau de technicit\u00e9 et les moyens disponibles s\u2019\u00e9l\u00e8vent drastiquement, tout comme les enjeux. La communaut\u00e9 s\u00e9curit\u00e9 \u00e9voque ainsi le terme APT ou Advanced Persistent Threat <\/em>pour d\u00e9crire ces menaces avanc\u00e9es et persistantes. Google ou RSA en ont \u00e9t\u00e9 victimes. De nombreux autres cas ont \u00e9t\u00e9 recens\u00e9s, y compris en France. Les attaques les plus courantes reposent sur des emails pi\u00e9g\u00e9s \u00e9mis \u00e0 destination de personnes cl\u00e9s (spear-phishing<\/em>), ou encore des attaques sur des plate-formes externes (site web) permettant ensuite des rebonds multiples sur le r\u00e9seau interne pour atteindre les donn\u00e9es de l\u2019organisation vis\u00e9e.<\/p>\n

Apr\u00e8s cette entr\u00e9e en mati\u00e8re, deux autres tribunes vont venir compl\u00e9ter l’analyse.<\/p>\n

Tribune n\u00b02<\/a><\/p>\n

Tribune n\u00b03<\/a><\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Minist\u00e8re des Finances, Google, Sony, RSA, secteur p\u00e9trolier\/\u00e9nergie, entit\u00e9s gouvernementales\u2026autant d\u2019acteurs qui ont en commun d\u2019avoir \u00e9t\u00e9 victimes d\u2019attaques informatiques. Ces derni\u00e8res ont d\u00e9fray\u00e9 la chronique, faisant les grands titres des m\u00e9dias g\u00e9n\u00e9ralistes et \u00e9conomiques. Elles ont souvent g\u00e9n\u00e9r\u00e9 des…<\/p>\n","protected":false},"author":15,"featured_media":6343,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[36,3225],"tags":[175,474,3320,174],"coauthors":[837],"class_list":["post-762","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-ethical-hacking-indicent-response","tag-apt","tag-attaque","tag-incident-response-cert-w","tag-informations"],"acf":[],"yoast_head":"\nNouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ? - RiskInsight<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ? - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"Minist\u00e8re des Finances, Google, Sony, RSA, secteur p\u00e9trolier\/\u00e9nergie, entit\u00e9s gouvernementales\u2026autant d\u2019acteurs qui ont en commun d\u2019avoir \u00e9t\u00e9 victimes d\u2019attaques informatiques. Ces derni\u00e8res ont d\u00e9fray\u00e9 la chronique, faisant les grands titres des m\u00e9dias g\u00e9n\u00e9ralistes et \u00e9conomiques. Elles ont souvent g\u00e9n\u00e9r\u00e9 des...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2011-10-04T16:12:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-12-31T11:24:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"573\" \/>\n\t<meta property=\"og:image:height\" content=\"214\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"G\u00e9r\u00f4me Billois\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"G\u00e9r\u00f4me Billois\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/\"},\"author\":{\"name\":\"G\u00e9r\u00f4me Billois\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\"},\"headline\":\"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ?\",\"datePublished\":\"2011-10-04T16:12:06+00:00\",\"dateModified\":\"2019-12-31T11:24:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/\"},\"wordCount\":740,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg\",\"keywords\":[\"APT\",\"attaque\",\"incident response CERT-W\",\"informations\"],\"articleSection\":[\"Cybersecurity & Digital Trust\",\"Ethical Hacking & Incident Response\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/\",\"name\":\"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ? - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg\",\"datePublished\":\"2011-10-04T16:12:06+00:00\",\"dateModified\":\"2019-12-31T11:24:48+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg\",\"width\":573,\"height\":214},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity & digital trust blog by Wavestone's consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\",\"name\":\"G\u00e9r\u00f4me Billois\",\"description\":\"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley & Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ? - RiskInsight","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/","og_locale":"en_US","og_type":"article","og_title":"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ? - RiskInsight","og_description":"Minist\u00e8re des Finances, Google, Sony, RSA, secteur p\u00e9trolier\/\u00e9nergie, entit\u00e9s gouvernementales\u2026autant d\u2019acteurs qui ont en commun d\u2019avoir \u00e9t\u00e9 victimes d\u2019attaques informatiques. Ces derni\u00e8res ont d\u00e9fray\u00e9 la chronique, faisant les grands titres des m\u00e9dias g\u00e9n\u00e9ralistes et \u00e9conomiques. Elles ont souvent g\u00e9n\u00e9r\u00e9 des...","og_url":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/","og_site_name":"RiskInsight","article_published_time":"2011-10-04T16:12:06+00:00","article_modified_time":"2019-12-31T11:24:48+00:00","og_image":[{"width":573,"height":214,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg","type":"image\/jpeg"}],"author":"G\u00e9r\u00f4me Billois","twitter_misc":{"Written by":"G\u00e9r\u00f4me Billois","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/"},"author":{"name":"G\u00e9r\u00f4me Billois","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17"},"headline":"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ?","datePublished":"2011-10-04T16:12:06+00:00","dateModified":"2019-12-31T11:24:48+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/"},"wordCount":740,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg","keywords":["APT","attaque","incident response CERT-W","informations"],"articleSection":["Cybersecurity & Digital Trust","Ethical Hacking & Incident Response"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/","url":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/","name":"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ? - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg","datePublished":"2011-10-04T16:12:06+00:00","dateModified":"2019-12-31T11:24:48+00:00","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite.jpg","width":573,"height":214},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Nouvelles menaces externes et attaques cibl\u00e9es : quelle strat\u00e9gie pour le RSSI ?"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity & digital trust blog by Wavestone's consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17","name":"G\u00e9r\u00f4me Billois","description":"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley & Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/762","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=762"}],"version-history":[{"count":10,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/762\/revisions"}],"predecessor-version":[{"id":6499,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/762\/revisions\/6499"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/6343"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=762"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=762"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=762"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=762"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}