In the age of digital transformation, cybersecurity has become a priority issue for companies. More than ever, their IS (Information Systems) are the target of new cyber-attacks. It is estimated that 61% of the world’s large companies have been affected by one or more cyber attacks during 2018. The consequences are sometimes disastrous such as business slowdowns, data theft or ransomware. From a financial point of view, the average cost of a cyberattack can reach up to 1.3 million USD for small businesses and increase to 27 million USD. In France, it takes about 30 weeks for a company to detect a cyber threat and 75 days to recover from it.
Phishing, president scam, ransomware, spyware, trojan horse, cryptolocker, encoded or polymorphic shellcode, botnet or DoS are among the favorite weapons of hackers. Today, the challenge of cybersecurity is twofold: to fight effectively against cybercrime and to adapt in real time to the appearance of new threats..
In France, laws and security measures are used to define standards and controls. For example, the Military Planning Act (LPM), subjects Vital Importance Operators (OIVs) to a compliance requirement. In concrete terms, this means reinforcing the cybersecurity protection measures of public or private organizations, identified as essential to the State. These organizations have indeed a strategic role because in case of cyber attack they could paralyze the life of the country. In France, there are 249 OIVs divided into 12 sectors such as energy, health, transport (land, river, sea, air), finance, armaments, space and telecommunications. As of 2019, the ANSSI plans to increase their number to 600, including OSEs (Operators of Essential Services) such as provident institutions, insurers…
At the corporate level, CIOs (Chief Information Officers) and CISOs (Chief Information Security Officers) are the guarantors of cyber security. They are in charge of setting up security equipment adapted to the company’s infrastructure and of making employees aware of cyber risks.
In order to accompany them as well as possible and to bring a pragmatic answer to the new cyber stakes, Gatewatcher proposes a series of articles to decipher the cybersecurity.