Insights.

Discover cybersecurity stories you've never heard before. From ransomware threat to data analytics with organisational insights, this is where cyber enhances business.

Antivirus, obsolete technology or still relevant?

Antivirus, obsolete technology or still relevant?

All means are good for a computer virus to infect you: by surfing on the Internet, by clicking on a link, by downloading and executing an attachment, by plugging a hard disk or a USB key... Is it necessary to install an antivirus to protect yourself? Is it enough? What is a virus and how does it spread? Viruses can take any form. Ransomware, Trojan horses, spyware, these malicious computer programs have a single objective: to disrupt the normal functioning of a computer system without the…

Are you up to date with the updates?

Are you up to date with the updates?

Updates and patches: what are we talking about? Updates are often perceived as a constraint and neglected by users. They often fall at the wrong time: during a work session, during an outing with friends... However, they are essential to ensure your computer security. They allow you to correct security flaws. Without a patch, you keep the door open for a cyber attacker. A security flaw is a breach through which a cyber attacker has the possibility to access your device or software and take…

Protecting your digital data with backups

Protecting your digital data with backups

Why do we need to make backups? Every day, we create and accumulate a lot of digital data on different devices: computer, phone, tablet... If it is only kept on these media, the data is exposed to risks. With little or no backup, you take the risk that your data is lost, stolen, hacked, damaged or destroyed . For example, imagine that your most precious family photos are stored on a hard drive and the drive fails. You didn't back them up to another medium, so the photos are gone. There is no…

What do you protect better: your passwords or your house keys?

What do you protect better: your passwords or your house keys?

You know who has access to your house keys, that's a foundation of security. But the older those keys are, the more likely it is that someone has a copy. So, have you recently changed the locks and keys in your home? Fortunately, it's easier in the digital world. The "digital key" to your computer costs less to change. Changing your password is free, and only takes a few moments. Passwords have become the common way to manage our lives in the digital world. Numerous daily life procedures now go…

Science shows that the method that almost all companies adopt to solve 70% of cybersecurity problems is NOT the right one.

Science shows that the method that almost all companies adopt to solve 70% of cybersecurity problems is NOT the right one.

This should concern us. But rest assured: nothing will change. Because this isn't cryptography or any other sexy topic in the field (EDR, blockchain security, crypto post-quantum, you name it). The cybersecurity market has already chosen a completely different direction. What is it about? Researchers at the Swiss Federal Institute of Technology Zurich (ETHZ) have just demonstrated that phishing test practices, those commonly found in companies, are the exact opposite of what should be done…

The widest mobilization is the only viable and sustainable lever to counter cyberattacks

The widest mobilization is the only viable and sustainable lever to counter cyberattacks

Our collective vision of cyber, as much among non-specialists as among experts and leaders, needs to be re-examined in depth. To maximize the effectiveness of our individual interventions and our collective protection. Because the attackers' ecosystem is evolving much faster than the defenders'. The collective efficiency of attackers is formidable. The ecosystem is industrializing. Cybercriminals think "customer" much more effectively than defenders when it comes to cyber issues. And they are…

The cold rationality of attackers versus the operational unpreparedness of companies

The cold rationality of attackers versus the operational unpreparedness of companies

For the cyber attacker, the only thing that matters is his own goal: to complete the attack. For a cybercriminal: to obtain the payment of the ransom, even if it means negotiating. Because the cost structure of the attacker is just like the business model of SaaS startups: the cost of attacking an additional company is close to zero. Worse: the attacker's operational risk is very limited, protected by several jurisdictions and many layers of technology between his target and his digital…

Financial evaluation of cybersecurity remains a path not very frequented

Financial evaluation of cybersecurity remains a path not very frequented

One explanation: for many organizations and cybersecurity professionals, the study of the return on investment (ROI) of cybersecurity remains complex. It's often taboo for the current generation of CISOs, who still rarely have the codes of the financial domain. Moreover, while current cyber methods are very good at assessing risks at the level of an application or IS project, they do not easily pass the test of a group scale. How many companies have evaluated the ROI of their cyber? There is no…

Cybersecurity: designed to fail.

Cybersecurity: designed to fail.

Over the past three years, the acceleration of ransomware damage has generated an awareness of cyber issues. Yet, in this cyber domain, the majority of companies of all sizes remain "designed to fail" and citizens are disarmed. There is still time to start a cyber revolution. It is indispensable . Awareness is growing, but the cyber debt is inexorably increasing. In large companies, the awareness of leaders is accelerating. This is evidenced by reports from the World Economic Forum (WEF) and…

Misconception n°3: The digital transformation director can't do much about cybersecurity

Misconception n°3: The digital transformation director can't do much about cybersecurity

Why is this misconsception false? Paradoxically, the CDO is probably one of the only executives, if not the only one after the CEO, who can do something decisive on cyber / digital security . The CISO, when restricted to a technical perimeter, will not be able to carry this vision to this strategic level. Because many CISOs still depend on a CIO or a CTO. Their background is rarely business and without a sufficient dose of digital. Too rarely, they allow themselves (or are allowed to) think…

Misconception n°2: Digital transformation is a separate matter from cybersecurity

Misconception n°2: Digital transformation is a separate matter from cybersecurity

Why is this misconsception false? In October 2016, Microsoft¹ identified 4 pillars : for digital transformation, which held as its definition: 1/ Engage customers: give them new experiences they will love, 2/ Empower employees: reinvent productivity and enable a data-centric culture. 3/ Minimize operations: modernize portfolios, transform processes and skills 4/ Transform products: innovate on products and business models. If these 4 pillars are not directly applied to cybersecurity, the…

Misconception n°1: Using modern/nextgen technology makes you safer

Misconception n°1: Using modern/nextgen technology makes you safer

Why is this misconsception false? In January 2019, Accenture showed that 79% of digital transformation projects did not include cybersecurity at the right level. Since then, the Covid situation and its accelerated transformations, have largely exacerbated the phenomenon. Unless adopted correctly, cloud architectures, containerization (docker and kubernetes), the extended use of open-source libraries such as npm packages, or APIs (even in GraphQL), and microservices, without forgetting AI and…

Strengthening enterprise cybersecurity through people

Strengthening enterprise cybersecurity through people

Aware of the chaotic scope of cyber attacks and the weakness of their cybersecurity, managers no longer hesitate to make substantial financial efforts and recruit excellent experts to protect themselves against them. But in this quest for resilience, they tend to neglect the crucial role of the first actors in the field of cybersecurity: the employees. Cyber attacks: the undeniable weight of human failures With the widespread use of cutting-edge technologies (AI, 5G , robotics, etc.) and the…