Nearly 10,000 people were present in Lille, in Northern France, on January 22 and 23 to participate in the FIC (International Cybersecurity Forum). This meeting brings together the main French and European players in Cybersecurity. As this year was my first time attending, it was a great opportunity to observe the trends and issues of this sector and recount those that impressed me, as described below:
1 IS (Information System) Cloud Migration trend
As illustrated in the conference “How to choose your public cloud provider?” CIOs and CISOs, though reluctant to transfer their IS to the cloud for security reasons, realized they could not go against this trend – Cloud migration brings many competitive advantages to companies. Being particularly pragmatic, CIOs decided to organize this transition to achieve the best possible security conditions.
The recommendations made in this conference were to analyze the risks, refer to the security certifications, study the service contracts and define selection criteria based on their own context to select the provider who will bring the required level of trust.
2 Increase in cyberattacks impact in 2018 reported by all actors in the show.
In the opening plenary, Guillaume Poupard, General Director of ANSSI, the French National Agency for the Security of Information Systems, recalled this “worrying” observation, with “stronger, more proliferating threats, more difficult to attribute”. Guillaume Tissier, co-organizer of the FIC stated: “We are seeing a proliferation of attacks via the clouds, because the hackers also follow the technological modes by trying to extract the data”.
This growth was already highlighted by Gemalto via its Breach Level Index, a global database of public data breaches. During first half of 2018, 944 data breaches led to 3.3 billion data records being compromised. Compared to the same period in 2017, the number of impacted data increased by 72%, though the number of breaches slightly decrease over the same period, signaling an increase in the severity of each incident.
The costs for the company of this type of attack can reach the million euros (stolen fees, crisis management expenses, IS security reinforcement costs, fall in share price, branding loss etc…).
To effectively face these threats, IS security reinforcement is essential.
3 Access Management one of the main pillars of Security
The third highlight for me in the sessions that I attended was that Access Management is considered one of the main pillars of Security. Access management is an indispensable brick, whose methods are recognized by the market as an effective way of limiting the number and impacts of cyberattacks.
What is Access management?
Access Management allows you to define who has the right to give access to the right resources and to implement these access rules on the IS. For example which user groups (sales, R&D, HR) are allowed to access which application (Salesforce, Office 365, Jira, etc.) and what attributes are needed to access (trusted network, name and password, password for single use etc.). The access rules may require more or less attributes depending on the sensitivity of the applications.
Who provides Access Management solutions?
At their booths, NIS and Cardelya French Distributors presented the Solution “Identity as a Service” offered by Gemalto. Based on strong authentication methods, SafeNet Trusted Access protects against data breaches, helps organizations become compliant with industry regulations and enables them to migrate to the cloud in a simple and secure way.
*** This is a Security Bloggers Network syndicated blog from Enterprise Security – Gemalto blog authored by Sarah Lefavrais. Read the original post at: https://blog.gemalto.com/security/2019/02/15/fic-2019-protecting-is-attacks-starts-with-secure-access-management/