{"id":8851,"date":"2016-03-16T08:19:12","date_gmt":"2016-03-16T07:19:12","guid":{"rendered":"https:\/\/www.solucominsight.fr\/?p=8851"},"modified":"2019-12-31T10:22:48","modified_gmt":"2019-12-31T09:22:48","slug":"jour-ransomwares-ont-change-de-dimension","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/","title":{"rendered":"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ?"},"content":{"rendered":"

L’alerte nous vient des \u00c9tats-Unis, des ransomwares d’un nouveau genre, cibl\u00e9s et touchant directement les entreprises auraient vu le jour. Quels sont leurs caract\u00e9ristiques et comment prendre en compte ce risque ?<\/em><\/p>\n

Des ransomwares d’un nouveau genre<\/h1>\n

Les ransomwares sont aujourd\u2019hui tr\u00e8s r\u00e9pandus, des milliers d’attaques ont lieu chaque jour et de tr\u00e8s nombreuses entreprises sont touch\u00e9es. Mais cela uniquement par “malchance” car les ransomwares que nous connaissons aujourd\u2019hui ne ciblent personne en particulier. Ils sont \u00a0en effet envoy\u00e9s dans des vagues massives de faux emails, avec des pi\u00e8ces jointes v\u00e9roles. L\u2019ouverture de \u00a0ces pi\u00e8ces jointes permettra au ransomware de se t\u00e9l\u00e9charger et entrainera le chiffrement des donn\u00e9es pr\u00e9sentes sur le poste de travail mais \u00e9galement sur \u00a0les disques r\u00e9seaux partag\u00e9s.<\/p>\n

Quelques postes, quelques serveurs touch\u00e9s, la gestion de l’incident est alors r\u00e9alis\u00e9e en quelques heures, voire quelques jours et les pertes sont souvent limites si des sauvegardes existent.<\/a><\/p>\n

Mais ce sch\u00e9ma “classique” pourrait se voir supplanter par un nouveau type de ransomware : les ransomwares cibl\u00e9s.<\/p>\n

Des cas r\u00e9cents de ransomwares cibl\u00e9s<\/h1>\n

Trois grandes soci\u00e9t\u00e9s aux \u00c9tats-Unis<\/a> auraient \u00e9t\u00e9 touch\u00e9es tr\u00e8s r\u00e9cemment. \u00a0Le mode op\u00e9ratoire de ces nouveaux ransomware rappellent les attaques cibl\u00e9es<\/a> : les attaquants s’introduisent sur le r\u00e9seau en compromettant un poste puis rebondissent jusqu\u2019\u00e0 prendre le contr\u00f4le des infrastructures centrales. A la diff\u00e9rence des attaques cibl\u00e9es classiques, les attaquants ne volent pas de donn\u00e9es mais utilisent les droits d’administration acquis pour distribuer un ransomware sur l’ensemble des postes d’une entreprise. Ce n’est alors plus quelques postes de travail qui sont touch\u00e9s, mais plusieurs milliers. Les impacts sont alors consid\u00e9rables et se rapprochent de ceux subits lors d’attaque visant \u00e0 d\u00e9truire les machines comme chez Sony<\/a> ou chez Saudi Aramco<\/a>.<\/p>\n

Repenser la cyber r\u00e9silience pour inclure l\u2019\u00e9volution de la menace<\/h1>\n

M\u00eame si ces attaques sont encore peu r\u00e9pandues et qu’elles n’ont pas totalement r\u00e9ussies, ces r\u00e9v\u00e9lations posent beaucoup de questions sur les motivations des attaquants<\/a>. Ces attaques peuvent\u00a0 en effet \u00eatre tr\u00e8s lucratives, car pour retrouver les donn\u00e9es infect\u00e9es, le ransomware demande de payer une ran\u00e7on. La question est de savoir si certaines entreprises paieront cette ran\u00e7on. Si c\u2019est \u00a0le cas, cela motivera encore plus les attaquants. Rappelons le cas de l’h\u00f4pital am\u00e9ricain<\/a> qui avait finalement pay\u00e9 la demande de ran\u00e7on de 17\u00a0000 dollars en f\u00e9vrier dernier pour r\u00e9cup\u00e9rer les donn\u00e9es de leurs patients.<\/p>\n

Pour les entreprises il est essentiel de se pr\u00e9munir de ces attaques mais aussi de savoir les g\u00e9rer. Se pr\u00e9munir passe par une bonne hygi\u00e8ne informatique et surtout par une s\u00e9curisation pouss\u00e9e des m\u00e9canismes d’administration massive du SI (Active Directory, t\u00e9l\u00e9distribution…) et en particulier par la s\u00e9curisation des postes utilis\u00e9s par les administrateurs du SI<\/a>. La compartimentation du SI est aussi cl\u00e9 pour \u00eatre capable de limiter les impacts (principe des cloisons \u00e9tanches du bateau). Ces chantiers sont souvent en cours dans les grandes entreprises mais l’apparition de cette nouvelle menace ne peut que renforcer leur priorit\u00e9.<\/p>\n

D’autre part les processus de gestion de crise doivent \u00eatre adapt\u00e9s pour prendre en compte ce sc\u00e9nario qui pose le probl\u00e8me de la capacit\u00e9 m\u00eame \u00e0 g\u00e9rer la crise si plus aucun poste de travail ou serveur n’est disponible. On retrouve alors certains m\u00e9canismes d\u00e9j\u00e0 pr\u00e9vus pour les sc\u00e9narios destructifs comme l’approvisionnement rapide de machine ou l’existence d’un parc alternatif (avec des OS diff\u00e9rents et\/ou hors syst\u00e8mes de gestion de parc classique) pour a minima g\u00e9rer la crise. Les syst\u00e8mes dans le cloud peuvent aussi \u00eatre une r\u00e9ponse au moins partielle \u00e0 cette probl\u00e9matique. \u00c0 nouveau, ces r\u00e9flexions sont en cours mais la prise en compte de ce scenario de risque est certainement \u00e0 r\u00e9\u00e9valuer.<\/p>\n

 <\/p>\n

Les ransomwares \u00e9voluent, ils se professionnalisent et font courir aux entreprises des risques forts d’indisponibilit\u00e9 massive du SI. Ces risques sont aujourd\u2019hui inacceptables dans bons nombres d’entreprises. Il faut donc \u00e9valuer ces risques et les prendre en compte dans les prochains plans d’action.<\/p>\n","protected":false},"excerpt":{"rendered":"

L’alerte nous vient des \u00c9tats-Unis, des ransomwares d’un nouveau genre, cibl\u00e9s et touchant directement les entreprises auraient vu le jour. Quels sont leurs caract\u00e9ristiques et comment prendre en compte ce risque ? Des ransomwares d’un nouveau genre Les ransomwares sont…<\/p>\n","protected":false},"author":15,"featured_media":8853,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[36,3225],"tags":[2594,2593,3038],"coauthors":[837],"class_list":["post-8851","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-ethical-hacking-indicent-response","tag-rancongiciel","tag-ransomware","tag-threat-intelligence"],"acf":[],"yoast_head":"\nLe jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ? - RiskInsight<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ? - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"L’alerte nous vient des \u00c9tats-Unis, des ransomwares d’un nouveau genre, cibl\u00e9s et touchant directement les entreprises auraient vu le jour. Quels sont leurs caract\u00e9ristiques et comment prendre en compte ce risque ? Des ransomwares d’un nouveau genre Les ransomwares sont...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2016-03-16T07:19:12+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-12-31T09:22:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1641\" \/>\n\t<meta property=\"og:image:height\" content=\"1158\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"G\u00e9r\u00f4me Billois\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"G\u00e9r\u00f4me Billois\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/\"},\"author\":{\"name\":\"G\u00e9r\u00f4me Billois\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\"},\"headline\":\"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ?\",\"datePublished\":\"2016-03-16T07:19:12+00:00\",\"dateModified\":\"2019-12-31T09:22:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/\"},\"wordCount\":758,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"keywords\":[\"ran\u00e7ongiciel\",\"ransomware\",\"Threat intelligence\"],\"articleSection\":[\"Cybersecurity & Digital Trust\",\"Ethical Hacking & Incident Response\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/\",\"name\":\"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ? - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"datePublished\":\"2016-03-16T07:19:12+00:00\",\"dateModified\":\"2019-12-31T09:22:48+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg\",\"width\":1641,\"height\":1158},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity & digital trust blog by Wavestone's consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17\",\"name\":\"G\u00e9r\u00f4me Billois\",\"description\":\"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley & Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ? - RiskInsight","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/","og_locale":"en_US","og_type":"article","og_title":"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ? - RiskInsight","og_description":"L’alerte nous vient des \u00c9tats-Unis, des ransomwares d’un nouveau genre, cibl\u00e9s et touchant directement les entreprises auraient vu le jour. Quels sont leurs caract\u00e9ristiques et comment prendre en compte ce risque ? Des ransomwares d’un nouveau genre Les ransomwares sont...","og_url":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/","og_site_name":"RiskInsight","article_published_time":"2016-03-16T07:19:12+00:00","article_modified_time":"2019-12-31T09:22:48+00:00","og_image":[{"width":1641,"height":1158,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg","type":"image\/jpeg"}],"author":"G\u00e9r\u00f4me Billois","twitter_misc":{"Written by":"G\u00e9r\u00f4me Billois","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/"},"author":{"name":"G\u00e9r\u00f4me Billois","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17"},"headline":"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ?","datePublished":"2016-03-16T07:19:12+00:00","dateModified":"2019-12-31T09:22:48+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/"},"wordCount":758,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg","keywords":["ran\u00e7ongiciel","ransomware","Threat intelligence"],"articleSection":["Cybersecurity & Digital Trust","Ethical Hacking & Incident Response"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/","url":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/","name":"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ? - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg","datePublished":"2016-03-16T07:19:12+00:00","dateModified":"2019-12-31T09:22:48+00:00","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2016\/03\/Fotolia_76258822_Subscription_Monthly_M.jpg","width":1641,"height":1158},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/2016\/03\/jour-ransomwares-ont-change-de-dimension\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Le jour o\u00f9 les ransomwares ont chang\u00e9 de dimension ?"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity & digital trust blog by Wavestone's consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8c7dc7008d92d9f59fb0c108c988cb17","name":"G\u00e9r\u00f4me Billois","description":"G\u00e9r\u00f4me Billois is a Partner at Wavestone in the Cybersecurity and Digital Trust practice. He graduated from the National Institute of Applied Sciences in Lyon. He has deep expertise in risk management and cybersecurity, developed over more than 15 years of experience. G\u00e9r\u00f4me is a board member of CLUSIF, a member of the ISO JTC1\/SC27 committee, responsible for information security standardisation, and a founding member of Club27001, a non-profit dedicated to promoting the ISO 27001 standard. He holds CISA, CISSP and ISO 27001 PA certifications. G\u00e9r\u00f4me co-authored several books on cybersecurity (Eyrolles, Cepadues, Wiley & Sons, Larcier), is a regular media and conference speaker (Assises de la S\u00e9curit\u00e9, ISACA, CLUSIF, CNIS, etc.), and gives university lectures.","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/gerome-billois\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/8851","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=8851"}],"version-history":[{"count":5,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/8851\/revisions"}],"predecessor-version":[{"id":8882,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/8851\/revisions\/8882"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/8853"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=8851"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=8851"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=8851"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=8851"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}