Editorial N°15 – October : the cybersecurity month

On the occasion of the cybermonth – an awareness campaign about cybersecurity – the 19th edition of the Assises de la sécurité, an annual meeting of experts in cybersecurity, was held in Monaco. This event was marked by the opening conference of the Director General of the French Cybersecurity Agency (ANSSI), Guillaume Poupard. He focused his inaugural speech on the transformation of cybersecurity and the need to go beyond the fear of cyberattacks ” I don’t want to use the word of war situation, but we’re not very far from it ”.

In light of recent international turmoil –  American municipalities compromised by ransomwares, French television channels targeted by criminals,  American cyberattack on Iran following the latest events in the Middle East – the situation may seem particularly worrying. ” States are increasingly aggressive in this area ,” admits Guillaume Poupard. Yet, the Director General of the ANSSI has campaigned for positive cybersecurity.  “CISSOs must become allies of the professions, trusted persons in the various projects “.

Furthermore, cybersecurity has some grey areas, according to Guillaume Poupard; he asserts that one of the main IT vulnerability in France is the failure to detect attacks. As G. Poupard points out, ” Detection is now an Achilles’ heel in cybersecurity. We can see among companies targeted by cyberattacks that attackers have been present for a long time in the network “. This assumption is reinforced by the latest report published by the consulting firm Wavestone, which, according to long-term studies, estimates that the average detection time of a computer attack is 167 days, or more than 5 months. To solve this problem, Guillaume Poupard believes that ” it will probably be necessar y to do detec tion on the workstation; this method might be more intrusive but will prove more effective in the future ”.