For the launch of European Cybersecurity Month, discover our benchmark on cyber security incidents. To carry out this study, we analyzed the interventions of our cyber security crisis team (CERT-W) between September 2018 and August 2019. The benchmark represents around 40 major incidents which led to the interruption of business activities and intervention systems in a variety of sectors : manufacturing, public sector, food industry, information technology, finance,etc. The purpose of this benchmark is to help organizations and more generally society regarding the situation of cyber threats in France, and to share the solutions for improved anticipation and risk management through practical feedback.
Analysis of cyber attacks affecting large organizations
40
major security incidents, led to the disruption of business activities or an advanced compromise of the information system.
Among the largest French companies and institutions :
- Industry
- Public sector
- Retail
- Information Technology
- Finance
- Services
CERT-Wavestone
40 cyber experts
- Digital Forensics & Incident Response
- Crisis management
- Malware analysis
- Cyber threat analysis
Available 24/7
3×8 organisation during major cyber crisis
Multi-client
+25 large subscribing organisations
Crisis management expert for several cyber insurances
Responses to security incidents benchmark
A willingness to shed light on the state of cyber threat in France and to provide the keys for improved anticipation and reaction :
/ What are the motivations behind cyber attacks?
/ When and how were they discovered?
/ How did they get into the systems?
/ How to face them and manage the crisis?
/ How to prepare in advance?
End users: the cornerstone for attack detection
Breakdown by source of detection of security incidents :
How to avoid becoming a target?
65% of attacks are opportunistic. Being above average in cybersecurity allows to strongly limit its attractiveness to cybercriminals.
TOP 5 actions to prepare in order to face an attack
- Protect the most critical assets by adopting good security practices (security patches, rights management, administrator management, etc.)
- Improve the effectiveness of attack detection with a specialised service (24/7 surveillance, detection perimeter adapted to the threat…)
- Know how to manage a major crisis (24/7 team, specific means of communication…) and rebuild in an emergency (procedures, specific equipment…)
- Train through crisis exercises (repeat efforts in different situations to promote the development of reflexes)
- Subscribe to cyber-insurance and a contract with a specialized team (surround yourself with experts who can speed up the resolution of the incident)