Backup security is a topic of increasing concern to large accounts, often as part of initiatives to improve their cyber-resilience. When all the protection, detection and response measures have not been sufficient: the information system must be restored quickly from…
Using passwords introduces both a large attack surface (phishing, brute force, password spreading, rainbow table, etc.) and a poor user experience. As a result, passwords have been denounced in favour of passwordless technologies for several years. However, passwords remain commonly…
In 2013, the FBI issued a Stored Communications Act warrant for emails stored in Ireland, on one of Microsoft’s datacenters as part of a drug trafficking investigation. Microsoft refused to provide this information, because the data in Ireland is beyond…
After having successfully mobilized its executive committee on cybersecurity, having made a realistic and concrete assessment of the situation, you had an agreement in principle to start a remediation program! A great victory, and the beginning of a multi-year…
Attacks are multiplying and diversifying in terms of both their technical development and the methods of extortion. Despite recent arrests and diplomatic moves, these Ransomware attacks will remain very prevalent in 2022. But what is the real level of CAC…
On the launch of the European Cybersecurity Month and for the Assises de la Sécurité (from 13 to 16 October 2021), Wavestone unveils the new edition of its benchmark of cybersecurity incidents. To this end, we reviewed the interventions of the CERT-Wavestone crisis…
If 10 years ago, building your SOC meant asking yourself which scenarios to monitor, which log sources to collect and which SIEM to choose, recent developments in the IS have brought new challenges: how to set up monitoring in…
Emma, could you please introduce the topic ? Historically, the Agile approach is a set of practices used for IT development projects. The Manifesto published in 2001 proposes 4 main values to revolutionise the performance of companies: This emphasis on…
This first edition of Wavestone's Industrial Control Systems (ICS) Cybersecurity Radar comes at a very special time. On one hand, the health and economic crisis context is considerably weakening the companies that manage critical infrastructures. On the other hand, the…
The Network and Information System Security - (UE) 2016/1148 directive, commonly referred to as NIS, was a European directive adopted by the European parliament on July, 6th , 2016. It has been transposed by member states into their national legislations…
