What if your most sensitive data became accessible in an instant? The growing excitement about the advent of quantum computers is justified for a subject that is no longer science fiction but involves a new kind of threat. Indeed, according…
Category: Formats
This article was originally published on our corporate website wavestone.com on 26 January 2023. Cybersecurity awareness is a journey to embed secure behaviours in people's daily lives To do so, you need to build a strong cyberawareness program, focus…
Over the past few years, companies have been rapidly adopting security tools to protect their applications across the development lifecycle, leveraging DevSecOps scanners such as SAST, DAST, SCA, and scanners for containers, Infrastructure-as-Code, and secrets. Progressively, the goal has shifted…
According to the 2024 Verizon report, the human factors is responsible for 68% of data breaches. Aware of this vulnerability, 90% of cyberattacks exploit human error, with phishing as the primary attack vector. In this context, it has become essential…
In the first article of this series, we explored the foundation of Microsoft’s Enterprise Access Model (EAM), focusing on the critical task of scoping the Control Plane to safeguard cloud administration. We delved into the evolving security landscape, where the…
This article is the first of a series of 2, tackling the implementation of the Enterprise Access Model, an administration model proposed by Microsoft to secure the administration of Cloud environments. Today, most companies use public cloud to host…
Quantum computing threatens today’s asymmetric cryptography and would render current algorithms obsolete, both RSA and ECC. As for symmetric cryptography, (AES, hash functions) doubling the key size ensures maintained security guarantees. To address the threat, the NIST has standardized three…
In a world where aviation safety is increasingly based on digital systems, the PART-IS regulation introduced by the European Union Aviation Safety Agency (EASA) marks a decisive turning point. This innovation is due to increasing numbers of cybersecurity standards, regulations,…
The Digital Operational Resilience Act (DORA) is a European regulation designed to enhance the resilience of financial entities against IT and cybersecurity risks. Its ambitious objective is to improve organizations’ ability to anticipate and manage crises while optimizing their operational…
Managing access rights to an organisation's resources is a central issue in IAM. An authorisation model provides a layer of abstraction that guides the allocation of technical permissions to users and makes it easier to monitor them over time. To…