{"id":9742,"date":"2017-04-20T08:50:23","date_gmt":"2017-04-20T07:50:23","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=9742\/"},"modified":"2020-01-02T14:48:26","modified_gmt":"2020-01-02T13:48:26","slug":"cyber-due-diligence-business-valuation","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/","title":{"rendered":"&#8220;Cyber&#8221; due diligence is the new asset for business valuation"},"content":{"rendered":"<p><em>Theoretically, when a company is for sale, its potential buyer carries out a preliminary investigation phase to ensure that the company, as advertised in its published documents, is the same in reality. This is otherwise known as due diligence.<\/em><\/p>\n<p>This can take different forms; the following aspects are usually examined:<\/p>\n<ul>\n<li><strong>Finance and accounting<\/strong> (auditing, personnel inventory, balance sheet and profit and loss accounts analysis, forecasted business activity, etc.)<\/li>\n<li><strong>Legal<\/strong> (company statutes, proceedings in process, patent and intellectual property ownership&#8230;)<\/li>\n<li><strong>Strategy<\/strong> (competitor identification, company strengths, distribution channels, etc.)<\/li>\n<\/ul>\n<p>Although current affairs and news offer plentiful examples of companies that have been impacted by cyberattacks, <strong>the issue of cybersecurity is all too often overlooked with regards to mergers and acquisitions<\/strong>.<\/p>\n<p>But mindsets are evolving: in a recent survey conducted by Freshfields Bruckhaus Deringer, specialists in corporate law, 90% of respondents considered that a confirmed cyber-attack could lead to<strong> revise the acquisition cost downwards<\/strong>, and 83% of them thought that an attack during the due diligence phase could simply lead to abandon the deal.<\/p>\n<p>Still, the cyber risk is real: as soon as two IT environments are interconnected, the resulting environment often inherits <em>de facto<\/em> the lowest level of security of the two. Besides, a merger or acquisition can highlight possible compliance gaps, in a context of increasing scrutiny by regulators all over the world.<\/p>\n<h2><\/h2>\n<h2>Is cyber-risk assessment the next pillar of M&amp;A?<\/h2>\n<p>Increasingly aware of this risk, companies progressively integrate the notion of &#8220;cyber risk&#8221; into their reconciliation strategies. The objective is, in principle, simple: to understand whether the merger of two companies, and thus the likely merger of their Information Systems, increases cyber risk.<\/p>\n<p>There is, however, a major difference between standard due diligence and its cybersecurity equivalent. While accounting and legal regulations are clearly understood and shared at the international level, there is as yet no equivalent in the cybersecurity world. <strong>Standards are multiplying<\/strong> (by system type, data to protect, industry, country&#8230;), <strong>but they only remain good practice references<\/strong> which indicate how to properly implement considerations around cybersecurity \u2013 not if they actually were implemented properly. There are some notable exceptions, such as PCI-DSS (protection of credit card data) certified environments, or classified, Defense-type environments. These examples, however, are specific, with very restricted scopes.<\/p>\n<p>For the purchaser, acting in good faith and being unaware of security breaches will do nothing to prevent cyberattacks:<strong> in cyber risk, we not only endorse responsibility, but directly the risk itself!<\/strong><\/p>\n<p>In the same manner, it is neither easy (yet, nor impossible) for a company to ensure that its cyber security is &#8220;good&#8221;. Managing the Information System in line with today\u2019s best practices does not guarantee that its weaknesses will not be exploited tomorrow.<\/p>\n<p>An M&amp;A context is not the only context of interest for examining the IS security aspects through cyber due diligence. For several years, large international insurers have launched their cyber-insurance offers. In this context, they legitimately seek to know the level of information security of companies for which they will provide insurance. At the minimum, insurers seek to know what general level of cyber-risk they will have to cover. Thus, by upstreaming this type of underwriting, cyber-insurers are now supported by IT security experts, whose role it is to carry out <em>due diligence<\/em> at a fairly high level.<\/p>\n<p>&nbsp;<\/p>\n<h2>What approach should be taken for cybersecurity due diligence ?<\/h2>\n<p>What is security due diligence? <strong>It is neither an innovative technology nor a revolutionary method<\/strong>; rather it refers to the balanced and targeted use of different information security tools.<\/p>\n<p>Several approaches are possible:<\/p>\n<ul>\n<li><strong>A &#8220;comprehensive&#8221; approach<\/strong>, consisting of both a theoretical and organizational analysis of security, supplemented by penetration tests to gain a vision as closely aligned to reality as possible. This approach, ideal in essence, is often used in the case of start-up buyouts. However, it is almost never used in larger deals, for reasons relating to both cost and a lack of time.<\/li>\n<li><strong>An \u201cinterview\u201d approach<\/strong>, which involves an evaluation of the situation in relation to a known and adapted reference framework during exchanges with security managers at the company in question. The limitation of this approach is that it is based only on statements and declarations. As such, it does not provide any proof of for what is being put forward. Led by a seasoned expert in this activity, this approach nonetheless facilitates a general view of the type of security practices that have been implemented.<\/li>\n<li><strong>A \u201cquestionnaire\u201d approach<\/strong> is offered as a matter of dealing with answers to a series of questions, usually with multiple choice answers. Beyond the lack of depth of such an approach, its outcome strongly depends on the respondents of the questionnaire, and the manner in which the questionnaire is used. Unfortunately, it is often the case that it is barely read or referenced.<\/li>\n<\/ul>\n<p>Irrespective of the chosen approach, it can be rolled-out at two stages: an initial analysis to <strong>provide knowledge and understanding of the security risks<\/strong>, which must feed directly into the \u201c<strong>go \/ nogo<\/strong>\u201d considerations behind the deal. A possible second step involves more detailed analysis for a more precise evaluation of risk(s) in order to <strong>determine the corrective actions<\/strong>.<\/p>\n<p>&nbsp;<\/p>\n<h2>Cyber due diligence as an input for valuation<\/h2>\n<p>Whether it is for acquiring a company or assessing the risk taken by cyber insurers, due diligence must serve as a platform for encouraging further reflection on the<strong> feasibility of a deal<\/strong>.<\/p>\n<p>It must also constitute an element of added value for the company, to the extent that conforming to and respecting market best practices can prove to be <strong>costly<\/strong>.<\/p>\n<p>Finally, cyber due diligence helps to <strong>identify the regulatory aspects that must be respected<\/strong>, such as laws affecting Critical Information Infrastructures (USA PCII Program, China\u2019s Cyber Security Law, France\u2019s \u201cLPM\u201d, Singapore\u2019s upcoming New Cybersecurity Act\u2026) and which may require a certain number of adaptations foreseen on the Information System of the company for sale, and \/ or the purchaser.<\/p>\n<p>Have we ever seen a cybersecurity due diligence lead to the abandonment of a company purchase? Not publicly. We rather witness the rapid correction of the most serious identified vulnerabilities, or sometimes a decision to not connect certain components of the Information Systems.<\/p>\n<p>Will cybersecurity due diligence have any real impact on transactions? To this question, Verizon provided a response with a figure: in February 2017, the operator decreased its offer to purchase Yahoo by US$350 million. This corresponds to more than 7% of the value (US$4.8 billion) initially offered.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Theoretically, when a company is for sale, its potential buyer carries out a preliminary investigation phase to ensure that the company, as advertised in its published documents, is the same in reality. This is otherwise known as due diligence. This&#8230;<\/p>\n","protected":false},"author":13,"featured_media":9606,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3270,2777],"tags":[2795,2772,3373,2796,3156],"coauthors":[801,2792],"class_list":["post-9742","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyberrisk-management-strategy-en","category-cybersecurity-digital-trust","tag-cyberinsurance","tag-cybersecurity","tag-due-diligence-en","tag-risk","tag-risk-management-en"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>&quot;Cyber&quot; due diligence is the new asset for business valuation - RiskInsight<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"&quot;Cyber&quot; due diligence is the new asset for business valuation - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"Theoretically, when a company is for sale, its potential buyer carries out a preliminary investigation phase to ensure that the company, as advertised in its published documents, is the same in reality. This is otherwise known as due diligence. This...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2017-04-20T07:50:23+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-01-02T13:48:26+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1378\" \/>\n\t<meta property=\"og:image:height\" content=\"1378\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chadi Hantouche\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chadi Hantouche\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/\"},\"author\":{\"name\":\"Chadi Hantouche\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/f79d84b363b7e5b8090ca3839d396efc\"},\"headline\":\"&#8220;Cyber&#8221; due diligence is the new asset for business valuation\",\"datePublished\":\"2017-04-20T07:50:23+00:00\",\"dateModified\":\"2020-01-02T13:48:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/\"},\"wordCount\":1088,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg\",\"keywords\":[\"cyberinsurance\",\"cybersecurity\",\"due diligence\",\"risk\",\"risk management\"],\"articleSection\":[\"Cyberrisk Management &amp; Strategy\",\"Cybersecurity &amp; Digital Trust\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/\",\"name\":\"\\\"Cyber\\\" due diligence is the new asset for business valuation - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg\",\"datePublished\":\"2017-04-20T07:50:23+00:00\",\"dateModified\":\"2020-01-02T13:48:26+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg\",\"width\":1378,\"height\":1378},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"&#8220;Cyber&#8221; due diligence is the new asset for business valuation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/f79d84b363b7e5b8090ca3839d396efc\",\"name\":\"Chadi Hantouche\",\"description\":\"Chadi Hantouche is a Cybersecurity and Digital Trust Senior Manager at Wavestone. For more than a decade, he has helped companies assessing their risk and maturity level, and defining associated solutions. He has a focus on security to support innovative technologies (Big Data, Internet of Things, Cloud computing, Mobility) as well as prevention and reaction against cyberattacks. Chadi is a CISSP, ISO 27001 LI and ITIL certified professional. He is a regular speaker on French and international TV channels, newspapers and conferences, and lecturer in several computer science universities.\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/chadi-hantouche\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\"Cyber\" due diligence is the new asset for business valuation - RiskInsight","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/","og_locale":"en_US","og_type":"article","og_title":"\"Cyber\" due diligence is the new asset for business valuation - RiskInsight","og_description":"Theoretically, when a company is for sale, its potential buyer carries out a preliminary investigation phase to ensure that the company, as advertised in its published documents, is the same in reality. This is otherwise known as due diligence. This...","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/","og_site_name":"RiskInsight","article_published_time":"2017-04-20T07:50:23+00:00","article_modified_time":"2020-01-02T13:48:26+00:00","og_image":[{"width":1378,"height":1378,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg","type":"image\/jpeg"}],"author":"Chadi Hantouche","twitter_misc":{"Written by":"Chadi Hantouche","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/"},"author":{"name":"Chadi Hantouche","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/f79d84b363b7e5b8090ca3839d396efc"},"headline":"&#8220;Cyber&#8221; due diligence is the new asset for business valuation","datePublished":"2017-04-20T07:50:23+00:00","dateModified":"2020-01-02T13:48:26+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/"},"wordCount":1088,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg","keywords":["cyberinsurance","cybersecurity","due diligence","risk","risk management"],"articleSection":["Cyberrisk Management &amp; Strategy","Cybersecurity &amp; Digital Trust"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/","name":"\"Cyber\" due diligence is the new asset for business valuation - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg","datePublished":"2017-04-20T07:50:23+00:00","dateModified":"2020-01-02T13:48:26+00:00","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2017\/04\/Fotolia_72331203_Subscription_Monthly_M.jpg","width":1378,"height":1378},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2017\/04\/cyber-due-diligence-business-valuation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"&#8220;Cyber&#8221; due diligence is the new asset for business valuation"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/f79d84b363b7e5b8090ca3839d396efc","name":"Chadi Hantouche","description":"Chadi Hantouche is a Cybersecurity and Digital Trust Senior Manager at Wavestone. For more than a decade, he has helped companies assessing their risk and maturity level, and defining associated solutions. He has a focus on security to support innovative technologies (Big Data, Internet of Things, Cloud computing, Mobility) as well as prevention and reaction against cyberattacks. Chadi is a CISSP, ISO 27001 LI and ITIL certified professional. He is a regular speaker on French and international TV channels, newspapers and conferences, and lecturer in several computer science universities.","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/chadi-hantouche\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/9742","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=9742"}],"version-history":[{"count":2,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/9742\/revisions"}],"predecessor-version":[{"id":9744,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/9742\/revisions\/9744"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/9606"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=9742"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=9742"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=9742"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=9742"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}