As we’ve seen in the previous article, a serious consideration of "permissions" (also known as rights, authorizations, roles, and access profiles) should significantly reduce the risk of fraud and human error, and contribute to the company’s compliance with relevant legislation.…
Enterprise Resource Planning (ERP) applications support businesses’ most critical processes and workflows. As such, it carries many inherent risks—the main ones being internal fraud and human error. And statutory auditors, internal controllers, and auditors, are only too well aware of…
Avant l'existence du niveau fonctionnel Windows Server 2003, lorsqu'un utilisateur tentait de s'authentifier à l'aide d'un mot de passe n'étant pas le sien, son nombre de tentative d'authentification échouée (représenté par l'attribut "badPwdCount") se voyait automatiquement incrémentée. Depuis l'introduction du…
According to a Wavestone survey[1], as detailed in the study “protecting privacy in the digital age”, 94% of respondents believe that digital privacy is important and should be protected. This study also demonstrates that e-commerce sites, and even retailers in…
The number of cyber-attacks is increasing at an unprecedented rate with no two being the same. We sat down with Nick Prescot (Senior Manager, UK Cybersecurity practice) to discuss cyber crisis management and some key considerations to help C-level executives prepare for…
After the first article which covered "Extending the scope of detection to new perimeters” (see here), and the second, dedicated to “Enhancing detection through new approaches” (available here)... this is the conclusion to this (epic!) saga. This last installment will…
After the first article, which covered "Extending the scope of detection to new perimeters" (available here), this second installment is the next in our summer series about the SOC... Enhancing detection with new approaches Think identity to detect suspect…
SOC teams are finding it more and more difficult to detect increasingly complex attacks that take place over ever larger perimeters. At the same time, they are bearing the full brunt of the explosion in the number of alerts to…
La Loi de Programmation Militaire (LPM) 2014-2019 et les arrêtés sectoriels associés, ainsi que la déclinaison française de la directive européenne NIS, consacrent une place importante à la gestion des identités et des accès sur les infrastructures critiques. En effet,…
Recent major cyberattacks, especially global destructive ones such as WannaCry and NotPetya in 2017, but also targeted ones, have shown how significantly business activities can be disrupted for affected organisations, resulting in huge financial losses. Consequently, organisations are looking for…
