If 10 years ago, building your SOC meant asking yourself which scenarios to monitor, which log sources to collect and which SIEM to choose, recent developments in the IS have brought new challenges: how to set up monitoring in…
Category: Cybersecurity & Digital Trust
Emma, could you please introduce the topic ? Historically, the Agile approach is a set of practices used for IT development projects. The Manifesto published in 2001 proposes 4 main values to revolutionise the performance of companies: This emphasis on…
This first edition of Wavestone's Industrial Control Systems (ICS) Cybersecurity Radar comes at a very special time. On one hand, the health and economic crisis context is considerably weakening the companies that manage critical infrastructures. On the other hand, the…
The Network and Information System Security - (UE) 2016/1148 directive, commonly referred to as NIS, was a European directive adopted by the European parliament on July, 6th , 2016. It has been transposed by member states into their national legislations…
DECRYPTION The underground economy of the ransomware In recent years the products of the underground economy have evolved quickly. Cyber criminals now offer services for others to purchase, the most popular being: Ransomware-as-a-service (RaaS). Let’s pretend you are a hacker…
In this second article on Identity and Access Management (IAM) we look at why many organisation face difficulties transforming their IAM ecosystem, and how IAM programmes should be approached and structured. In our previous article – Identity and Access Management:…
Large organisations are facing unprecedented change, such as adapting to remote working and managing operational risk in a post-pandemic world. Identity & access management (IAM) – the provision and verification of identities and their access rights – is once again…
Organising a cyber crisis exercise is not an easy task. From the preparation to the D-Day, a lot of unforeseen events can occur and the preparation teams need to remain a step ahead of the players. This article will break down the steps to a successful cyber crisis exercise…
DECRYPTION CYBER CRIMINAL NETWORK DISMANTELING The last 6 months, large-scale coordinated international actions have dismantled several of the biggest cybercriminal networks such as Emotet, Netwalker, Egregor or even Cl0p. Let’s have a closer look at some of them. What is Emotet?…
Due to the ever-growing use of certificates in modern applications, a large number of Active Directory infrastructures make use of Public Key Infrastructures (PKI) features. These features are provided by Certification Authorities (CA) which are either external to Active Directory…