Using passwords introduces both a large attack surface (phishing, brute force, password spreading, rainbow table, etc.) and a poor user experience. As a result, passwords have been denounced in favour of passwordless technologies for several years. However, passwords remain commonly…
Category: Focus
In 2013, the FBI issued a Stored Communications Act warrant for emails stored in Ireland, on one of Microsoft’s datacenters as part of a drug trafficking investigation. Microsoft refused to provide this information, because the data in Ireland is beyond…
After having successfully mobilized its executive committee on cybersecurity, having made a realistic and concrete assessment of the situation, you had an agreement in principle to start a remediation program! A great victory, and the beginning of a multi-year…
Attacks are multiplying and diversifying in terms of both their technical development and the methods of extortion. Despite recent arrests and diplomatic moves, these Ransomware attacks will remain very prevalent in 2022. But what is the real level of CAC…
On the launch of the European Cybersecurity Month and for the Assises de la Sécurité (from 13 to 16 October 2021), Wavestone unveils the new edition of its benchmark of cybersecurity incidents. To this end, we reviewed the interventions of the CERT-Wavestone crisis…
If 10 years ago, building your SOC meant asking yourself which scenarios to monitor, which log sources to collect and which SIEM to choose, recent developments in the IS have brought new challenges: how to set up monitoring in…
This first edition of Wavestone's Industrial Control Systems (ICS) Cybersecurity Radar comes at a very special time. On one hand, the health and economic crisis context is considerably weakening the companies that manage critical infrastructures. On the other hand, the…
The Network and Information System Security - (UE) 2016/1148 directive, commonly referred to as NIS, was a European directive adopted by the European parliament on July, 6th , 2016. It has been transposed by member states into their national legislations…
In this second article on Identity and Access Management (IAM) we look at why many organisation face difficulties transforming their IAM ecosystem, and how IAM programmes should be approached and structured. In our previous article – Identity and Access Management:…
Large organisations are facing unprecedented change, such as adapting to remote working and managing operational risk in a post-pandemic world. Identity & access management (IAM) – the provision and verification of identities and their access rights – is once again…