In 2013, the FBI issued a Stored Communications Act warrant for emails stored in Ireland, on one of Microsoft’s datacenters as part of a drug trafficking investigation. Microsoft refused to provide this information, because the data in Ireland is beyond…
After having successfully mobilized its executive committee on cybersecurity, having made a realistic and concrete assessment of the situation, you had an agreement in principle to start a remediation program! A great victory, and the beginning of a multi-year…
Attacks are multiplying and diversifying in terms of both their technical development and the methods of extortion. Despite recent arrests and diplomatic moves, these Ransomware attacks will remain very prevalent in 2022. But what is the real level of CAC…
On the launch of the European Cybersecurity Month and for the Assises de la Sécurité (from 13 to 16 October 2021), Wavestone unveils the new edition of its benchmark of cybersecurity incidents. To this end, we reviewed the interventions of the CERT-Wavestone crisis…
If 10 years ago, building your SOC meant asking yourself which scenarios to monitor, which log sources to collect and which SIEM to choose, recent developments in the IS have brought new challenges: how to set up monitoring in…
Emma, could you please introduce the topic ? Historically, the Agile approach is a set of practices used for IT development projects. The Manifesto published in 2001 proposes 4 main values to revolutionise the performance of companies: This emphasis on…
This first edition of Wavestone's Industrial Control Systems (ICS) Cybersecurity Radar comes at a very special time. On one hand, the health and economic crisis context is considerably weakening the companies that manage critical infrastructures. On the other hand, the…
The Network and Information System Security - (UE) 2016/1148 directive, commonly referred to as NIS, was a European directive adopted by the European parliament on July, 6th , 2016. It has been transposed by member states into their national legislations…
DECRYPTION The underground economy of the ransomware In recent years the products of the underground economy have evolved quickly. Cyber criminals now offer services for others to purchase, the most popular being: Ransomware-as-a-service (RaaS). Let’s pretend you are a hacker…
In this second article on Identity and Access Management (IAM) we look at why many organisation face difficulties transforming their IAM ecosystem, and how IAM programmes should be approached and structured. In our previous article – Identity and Access Management:…