{"id":777,"date":"2011-10-10T09:32:56","date_gmt":"2011-10-10T08:32:56","guid":{"rendered":"http:\/\/www.solucominsight.fr\/?p=777"},"modified":"2019-12-31T12:24:26","modified_gmt":"2019-12-31T11:24:26","slug":"comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/","title":{"rendered":"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9"},"content":{"rendered":"<p>Au regard de ces r\u00e9cents \u00e9v\u00e8nements et des diff\u00e9rents types d\u2019attaques <a href=\"http:\/\/www.solucominsight.fr\/2011\/10\/nouvelles-menaces-externes-et-attaques-ciblees-quelle-strategie-pour-le-rssi\/\">(Tribune n\u00b01)<\/a> , le RSSI doit aujourd\u2019hui plus que jamais \u00e9valuer l\u2019exposition de son organisation aux attaques externes. Le secteur d\u2019activit\u00e9, la visibilit\u00e9 de la marque ou encore la sensibilit\u00e9 des donn\u00e9es manipul\u00e9es sont autant de crit\u00e8res \u00e0 prendre en compte. Cette \u00e9valuation doit \u00eatre faite de mani\u00e8re r\u00e9guli\u00e8re en fonction de l\u2019actualit\u00e9 de l\u2019organisation et de son environnement.<\/p>\n<p>La direction g\u00e9n\u00e9rale doit \u00eatre inform\u00e9e de cette \u00e9valuation de l\u2019exposition. En parall\u00e8le, il s\u2019agit \u00e9galement d\u2019identifier les donn\u00e9es les plus sensibles de l\u2019entreprise. Sans viser une classification exhaustive de l\u2019ensemble des informations, il est important de bien identifier les donn\u00e9es les plus sensibles et\/ou les plus expos\u00e9es, mais aussi qui elles peuvent int\u00e9resser, que ce soit des personnes malveillantes internes ou externes pour les prot\u00e9ger de la mani\u00e8re la plus efficace possible. Ces \u00e9l\u00e9ments permettent \u00e0 l\u2019organisation d\u2019\u00e9valuer le risque d\u2019\u00eatre vis\u00e9e par une attaque opportuniste ou cibl\u00e9e. Ils permettent de mieux organiser les plans d\u2019actions de protection.<\/p>\n<p><strong>Lutter contre les attaques opportunistes : retour aux fondamentaux<\/strong><\/p>\n<p>Les attaques opportunistes sont souvent simples. Elles utilisent des vuln\u00e9rabilit\u00e9s \u00e9videntes dans le SI et visent les syst\u00e8mes expos\u00e9s publiquement. Il est facile de s\u2019en prot\u00e9ger en investissant les moyens n\u00e9cessaires pour mettre en place, concr\u00e8tement, les bonnes pratiques de s\u00e9curit\u00e9. Trois th\u00e8mes ressortent particuli\u00e8rement :<\/p>\n<p><strong>\u2022 La s\u00e9curit\u00e9 applicative : <\/strong>les vuln\u00e9rabilit\u00e9s web sont le vecteur principal d\u2019attaque (injection SQL, mots de passe simples et stock\u00e9s en clair, etc.). Il est crucial de rapidement renforcer la s\u00e9curit\u00e9 applicative en agissant en amont sur les d\u00e9veloppeurs et les m\u00e9tiers, et en aval sur les audits avant mise en production.<\/p>\n<p><strong>\u2022 Le maintien \u00e0 jour de l\u2019infrastructure : <\/strong>m\u00eame si des efforts ont \u00e9t\u00e9 r\u00e9alis\u00e9s, la gestion des correctifs, le durcissement des syst\u00e8mes (y compris des comptes administrateurs) et l\u2019utilisation de zone d\u2019isolation (DMZ) ne sont encore parfois mis en oeuvre que partiellement.<\/p>\n<p><strong>\u2022 La mise en place de contr\u00f4les r\u00e9guliers : <\/strong>que ce soit par l\u2019interm\u00e9diaire d\u2019audits, de tests d\u2019intrusion ou par la mise en place de syst\u00e8mes de d\u00e9tection d\u2019intrusion ou de gestion des traces, des contr\u00f4les r\u00e9guliers sont essentiels pour garantir le niveau de s\u00e9curit\u00e9 dans le temps.<\/p>\n<p>Ces mesures matures et largement ma\u00eetris\u00e9es permettent aujourd\u2019hui de lutter efficacement contre les attaques opportunistes. Aujourd\u2019hui, elles sont efficaces car le syst\u00e8me d\u2019information repose sur un mod\u00e8le de protection p\u00e9rim\u00e9trique, distinguant le r\u00e9seau interne des r\u00e9seaux externes, plus expos\u00e9s. Dans le futur, ce mod\u00e8le dispara\u00eetra irr\u00e9m\u00e9diablement et les applications internes seront de plus en plus expos\u00e9es.<\/p>\n<p>Nous d\u00e9taillons dans le focus <a href=\"http:\/\/www.solucom.fr\/Publications\">\u00ab 2015 : une r\u00e9volution pour la s\u00e9curit\u00e9 ? \u00bb<\/a>, comment adapter sa strat\u00e9gie pour r\u00e9pondre \u00e0 ces \u00e9volutions et mettre en place une s\u00e9curit\u00e9 centr\u00e9e sur les donn\u00e9es en profondeur dans le SI.<\/p>\n<p>Lutter contre les attaques opportunistes est possible en utilisant les moyens de s\u00e9curisation existant, mais comment r\u00e9agir face aux attaques cibl\u00e9es ? <a href=\"http:\/\/www.solucominsight.fr\/2011\/09\/du-%c2%ab-secret-defense-%c2%bb-au-%c2%ab-secret-entreprise-%c2%bb-des-mesures-avancees-a-deployer-pour-lutter-contre-les-attaques-ciblees\/\">(Tribune n\u00b03)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Au regard de ces r\u00e9cents \u00e9v\u00e8nements et des diff\u00e9rents types d\u2019attaques (Tribune n\u00b01) , le RSSI doit aujourd\u2019hui plus que jamais \u00e9valuer l\u2019exposition de son organisation aux attaques externes. Le secteur d\u2019activit\u00e9, la visibilit\u00e9 de la marque ou encore la&#8230;<\/p>\n","protected":false},"author":15,"featured_media":6344,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3223,36],"tags":[3259,59,181],"coauthors":[837],"class_list":["post-777","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cloud-next-gen-it-security","category-cybersecurity-digital-trust","tag-data-protection-2","tag-donnees","tag-rssi"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9 - RiskInsight<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9 - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"Au regard de ces r\u00e9cents \u00e9v\u00e8nements et des diff\u00e9rents types d\u2019attaques (Tribune n\u00b01) , le RSSI doit aujourd\u2019hui plus que jamais \u00e9valuer l\u2019exposition de son organisation aux attaques externes. Le secteur d\u2019activit\u00e9, la visibilit\u00e9 de la marque ou encore la...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2011-10-10T08:32:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-12-31T11:24:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"573\" \/>\n\t<meta property=\"og:image:height\" content=\"214\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"G\u00e9r\u00f4me Billois\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"G\u00e9r\u00f4me Billois\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/\"},\"author\":{\"name\":\"G\u00e9r\u00f4me Billois\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\"},\"headline\":\"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9\",\"datePublished\":\"2011-10-10T08:32:56+00:00\",\"dateModified\":\"2019-12-31T11:24:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/\"},\"wordCount\":595,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\",\"keywords\":[\"data protection\",\"donn\u00e9es\",\"RSSI\"],\"articleSection\":[\"Cloud &amp; Next-Gen IT Security\",\"Cybersecurity &amp; Digital Trust\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/\",\"name\":\"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9 - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\",\"datePublished\":\"2011-10-10T08:32:56+00:00\",\"dateModified\":\"2019-12-31T11:24:26+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg\",\"width\":573,\"height\":214},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\",\"name\":\"G\u00e9r\u00f4me Billois\",\"description\":\"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley &amp; Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9 - RiskInsight","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/","og_locale":"en_US","og_type":"article","og_title":"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9 - RiskInsight","og_description":"Au regard de ces r\u00e9cents \u00e9v\u00e8nements et des diff\u00e9rents types d\u2019attaques (Tribune n\u00b01) , le RSSI doit aujourd\u2019hui plus que jamais \u00e9valuer l\u2019exposition de son organisation aux attaques externes. Le secteur d\u2019activit\u00e9, la visibilit\u00e9 de la marque ou encore la...","og_url":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/","og_site_name":"RiskInsight","article_published_time":"2011-10-10T08:32:56+00:00","article_modified_time":"2019-12-31T11:24:26+00:00","og_image":[{"width":573,"height":214,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","type":"image\/jpeg"}],"author":"G\u00e9r\u00f4me Billois","twitter_misc":{"Written by":"G\u00e9r\u00f4me Billois","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/"},"author":{"name":"G\u00e9r\u00f4me Billois","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17"},"headline":"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9","datePublished":"2011-10-10T08:32:56+00:00","dateModified":"2019-12-31T11:24:26+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/"},"wordCount":595,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","keywords":["data protection","donn\u00e9es","RSSI"],"articleSection":["Cloud &amp; Next-Gen IT Security","Cybersecurity &amp; Digital Trust"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/","url":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/","name":"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9 - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","datePublished":"2011-10-10T08:32:56+00:00","dateModified":"2019-12-31T11:24:26+00:00","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2012\/10\/Cybercriminalite1.jpg","width":573,"height":214},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/2011\/10\/comment-reagir-evaluer-son-exposition-et-adopter-une-strategie-de-protection-des-donnees-en-fonction-de-leur-sensibilite\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Comment r\u00e9agir aux attaques ? \u00c9valuer son exposition et adopter une strat\u00e9gie de protection des donn\u00e9es en fonction de leur sensibilit\u00e9"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17","name":"G\u00e9r\u00f4me Billois","description":"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley &amp; Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/777","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=777"}],"version-history":[{"count":9,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/777\/revisions"}],"predecessor-version":[{"id":6493,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/777\/revisions\/6493"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/6344"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=777"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=777"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=777"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=777"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}