> CYBER REGULATIONS OVERLOAD.
New cybersecurity regulations are overwhelming firms, causing industry-wide concern.
WHY IT MATTERS
The rapid influx of regulations in the last five years has left companies struggling to keep up.
- Compliance costs are skyrocketing.
- Companies are hiring full-time legal teams just to manage regulations.
- Smaller firms may face significant financial strain.
GO DEEPER
The cybersecurity landscape has transformed rapidly and is now heavily regulated through texts such as RGPD, REC, and DORA. While these regulations aim to raise security, they often complicate day-to-day operations. The ANSSI calls for a "necessary regulatory pause": even large enterprises feel the strain, employing several lawyers just to navigate compliance across many countries. The push for sector-specific rules, especially from Brussels, adds further complexity and risks suffocating businesses, particularly those without the resources to absorb it.
> GLOBAL CYBERSECURITY INSIGHTS UNVEILED
New reports shed light on cybersecurity challenges and strategies from the EU and South Africa.
WHY IT MATTERS
- The EU and South Africa highlight patterns in cyber threats, emphasizing the need for global cooperation.
- Cybersecurity is increasingly seen as a growth imperative, not just a defensive necessity.
- Reports recommend enhancing skills and awareness to bolster digital resilience.
GO DEEPER
The EU's report outlines legislative contexts, risk assessments, and recommendations for enhancing cybersecurity capabilities across critical sectors. Meanwhile, a South African report reveals that 80% of surveyed companies faced cyberattacks, costing billions. Both reports underscore the importance of viewing cybersecurity as integral to business growth and resilience, urging strategic investments in skills and international collaboration.
> U.S. CYBERSECURITY CHALLENGES.
The U.S. grapples with cybersecurity amid tensions with China and the Ukraine war.
WHY IT MATTERS
Strengthening cybersecurity is crucial for national security, economic stability, and safeguarding democracy.
- Biden's administration initiated a National Cybersecurity Strategy in response to rising threats.
- The U.S. faces internal vulnerabilities, amplified by limited federal regulation and the influence of private companies.
GO DEEPER
The rivalry with China, notably over platforms like TikTok, highlights fears of espionage and data misuse. Despite efforts to control digital threats, the private sector's significant role in cybersecurity poses challenges for federal intervention. With Donald Trump back in office, shifts towards less regulation may impact the national cybersecurity landscape, emphasizing private sector involvement over federal control.
> FREE'S DATA BREACH UNVEILED
A Free insider allegedly shared VPN credentials, leading to a massive data breach.
WHY IT MATTERS
The breach compromised 19 million customers' personal data and 5 million IBANs.
- The insider's VPN credentials were used to access customer management tools.
- The hacker exploited social engineering to expand data access.
GO DEEPER
The attack highlights vulnerabilities in VPN security and the risks of insider threats. Free has since restricted remote data access, reflecting the need for tighter security measures and employee vigilance.
> SOCS FACING AI ATTACKS.
77% of enterprises have been targeted by adversarial AI, with SOCs increasingly vulnerable.
WHY IT MATTERS
- Fast-paced AI attacks demand SOCs evolve defenses rapidly.
- Cloud intrusions rose 75%, with two in five enterprises hit by AI-related breaches.
- Attackers exploit fake identities, threatening IAM systems.
GO DEEPER
SOC teams need to adopt advanced strategies against evolving AI threats. Adversarial techniques like data poisoning, evasion attacks, and API vulnerabilities pose significant risks. SOCs should enhance model hardening, data integrity, and supply chain transparency while integrating adversarial validation and zero-trust principles to safeguard infrastructure.
> 12 LLM VULNERABILITIES REVEALED.
Discover the critical vulnerabilities of LLMs that businesses must address for security.
WHY IT MATTERS
- LLMs introduce new risks like data leaks and prompt manipulation, expanding attack surfaces.
- Understanding these vulnerabilities helps build resilient and proactive security strategies.
GO DEEPER
The integration of LLMs into businesses brings innovative uses but also exposes them to novel threats. Reports from OWASP, Trend Micro, and others highlight 12 key vulnerabilities, including prompt injection and supply chain weaknesses. Addressing these risks is imperative for safeguarding data integrity and system security.
> 2024 CERT-WAVESTONE REPORT
CERT-Wavestone tackled 20 major cybersecurity incidents across various sectors in 2024.
WHY IT MATTERS
- Financial gain remains the top motivation, with ransomware as a key method.
- Vulnerabilities on internet-exposed sites are the main entry points.
- Cyberattacks are becoming faster, threatening data and backups.
- AI introduces new attack methods, such as deepfakes and more convincing phishing.
GO DEEPER
- Large companies are often attacked through less secure subsidiaries.
- 77% of analyzed attacks involved data theft.
- 90% of ransomware attacks targeted backups, complicating recovery.
- Efficient AI solutions enable new attack types such as poisoning and evasion.
> NIS 2: FRANCE LAGS BEHIND.
France struggles with NIS 2 directive transposition, falling behind other EU nations.
WHY IT MATTERS
The directive aims to strengthen cybersecurity across Europe, affecting over 10,000 organizations in France alone. Delays in implementing NIS 2 could hinder France's cybersecurity readiness compared to other EU members.
GO DEEPER
Despite efforts, France remains behind schedule in adopting the NIS 2 directive into national law, initially planned for October 2024. Countries like Hungary and Italy have already completed transposition, highlighting France's need to accelerate its legislative process.
> FRENCH EMPLOYEES' CYBERSECURITY GAPS.
A Clusif-Ipsos study reveals a gap in cybersecurity training among French employees in SMEs.
WHY IT MATTERS
Despite awareness of cyberattacks, there's a critical need for ongoing training.
• Larger firms show better preparedness than smaller ones.
• Only half of employees in firms over 500 have received recent training.
GO DEEPER
Larger organizations (over 500 employees) have better cybersecurity training, with 66% recognizing vulnerability to cybercrime. In contrast, smaller businesses (20-149 employees) show lower awareness levels. However, 59% of employees in smaller firms feel informed about cybersecurity risks and practices. The study, conducted with 500 employees, highlights the disparity in cybersecurity readiness across business sizes.
> PICARD DATA BREACH ALERT.
A cyberattack exposed data of 45,000 Picard customers.
WHY IT MATTERS
This breach affects loyalty program members and raises security concerns.
• Customer names, birthdates, and contact info leaked.
• Bank details remain secure, not stored in user accounts.
GO DEEPER
Picard has notified the affected customers and advised them to change their passwords, especially if reused on other sites. Other retailers have faced similar breaches, highlighting the growing cybersecurity challenges.
> MOLOTOV DATA BREACH ALERT.
Streaming platform Molotov has suffered a data breach, with user information compromised.
WHY IT MATTERS
Cyberattacks are increasing, highlighting vulnerabilities in digital platforms.
• User data, such as emails and passwords, may be at risk.
• Emphasizes the need for stronger cybersecurity measures.
GO DEEPER
Molotov is the latest in a series of cyberattacks targeting streaming services, underscoring the importance of data protection. Users are advised to change passwords and monitor accounts for suspicious activity.
> CYBERATTACKS SURGE IN FRANCE.
Recent cyberattacks in France have led to the theft of most citizens' personal data.
WHY IT MATTERS
- French companies are frequent targets, leading to costly data breaches.
- Data like names, emails, and bank details are often stolen and sold on black markets.
GO DEEPER
Cybercriminals increasingly target France, with data from eight out of ten citizens circulating online. Notable breaches include healthcare providers and major telecoms, highlighting the urgent need for enhanced cybersecurity measures.
> SIEM SYSTEMS UNDERPERFORM.
Over 82% of enterprises find their SIEM tools lacking in timely threat detection.
WHY IT MATTERS
SIEM systems are crucial for detecting cyberthreats, but many are not meeting expectations. This underperformance poses a significant risk by allowing threats to go undetected, potentially leading to substantial damage.
GO DEEPER
- **Complexity & Misconfiguration**: SIEMs require precise tuning; missteps can lead to false positives and missed threats.
- **Data Overload**: Without proper data management, SIEMs can be overwhelmed, delaying alerts.
- **Skill Gaps**: A shortage of skilled personnel exacerbates SIEM management challenges.
- **Integration Issues**: Poor integration with existing systems limits SIEM effectiveness.
- **Solutions**: Regular audits, training, leveraging automation, and enhancing data management can optimize SIEM performance, transforming them into robust components of cybersecurity strategy.
> COMPLIANCE NIGHTMARE IN EUROPE?
A study finds 75% of European IT leaders uncertain about NIS2 compliance.
WHY IT MATTERS
Non-compliance risks severe penalties, including fines up to €10 million or 2% of global turnover.
• Many executives are unaware of NIS2 requirements.
• Misalignment exists between IT and company leadership on compliance priorities.
> CYBERSECURITY TRENDS FOR 2025
BeyondTrust predicts major shifts in cybersecurity, focusing on AI, post-quantum cryptography, and cyber insurance.
WHY IT MATTERS
These predictions highlight the evolving landscape of cybersecurity threats and strategies:
• AI's perceived benefits for security will be scrutinized, while its automation potential remains crucial.
• Post-quantum cryptography preparation is vital to counter potential threats from quantum computing.
• Cyber insurers may introduce exclusions for AI and quantum-related risks, indicating new threat assessments.
GO DEEPER
BeyondTrust outlines eight key areas, including the end of malware dominance, increased focus on identity protection, and potential legal implications from data breaches. The evolving threat landscape requires organizations to adapt rapidly, focusing more on identity security and the implications of advanced technologies like AI and quantum computing.
> RISING SOFTWARE SECURITY COSTS.
Securing software is increasingly expensive, with costs reaching $28,000 per developer annually.
WHY IT MATTERS
Developers spend significant time on security tasks, impacting productivity.
• Manual app analysis and multiple tools slow them down.
• Frequent context switching due to security obligations reduces efficiency.
GO DEEPER
An IDC report highlights that only 23% of developers run SAST before production, leaving vulnerabilities unaddressed. DevSecOps is crucial for securing future applications but is hampered by inefficient tooling.
> TIBER-EU: CYBER RESILIENCE BOOST.
TIBER-EU is a Europe-wide framework for improving cyber resilience through ethical simulations of cyberattacks.
WHY IT MATTERS
- It helps entities identify cyber vulnerabilities by simulating real-world threats.
- Enhances the cyber maturity of critical financial infrastructures across Europe.
- Facilitates mutual recognition of tests, easing regulatory requirements.
GO DEEPER
TIBER-EU involves multiple stakeholders, including threat intelligence and red-team providers, to conduct tests on an entity's critical functions. The framework aims to standardize cyber resilience efforts across Europe, inspired by similar initiatives in the UK and Netherlands. It supports entities in meeting the requirements of the Digital Operational Resilience Act (DORA) and is adopted by several European countries.
> TLPT: ENHANCED SECURITY TESTS
Financial entities under DORA must perform Threat-Led Penetration Testing (TLPT) every three years.
WHY IT MATTERS
TLPTs simulate real cyber threats to assess the resilience of critical financial entities.
- These tests are crucial for entities whose failure could impact the financial system.
- They involve stakeholders like Red Teams and must align with DORA and TIBER-EU standards.
GO DEEPER
- TLPTs cover all attack surfaces: physical, human, and digital.
- They require approval from authorities and include rigorous testing phases.
- External testers are mandatory every third test, with specific criteria for in-house testing.
> EU: SOFTWARE LIABILITY SHAKE-UP.
The EU is implementing strict software liability rules, contrasting the U.S.'s cautious approach.
WHY IT MATTERS
This move could significantly impact software security and vendor accountability:
- The EU's directive treats software like any other product, holding vendors liable for defects.
- Consumers can claim damages without proving vendor negligence.
- U.S. hesitancy stems from political and lobbying challenges.
GO DEEPER
The EU's stringent rules aim to push software companies toward better security practices, potentially setting a global precedent. Meanwhile, the U.S. strategy focuses on defining secure development standards and preventing liability disclaimers. This divergence in policy could lead to varying levels of software security and liability across regions.
> NIS2 CONFERENCE INSIGHTS
The Clusif conference on NIS2 highlights the directive's impact on cybersecurity resilience.
WHY IT MATTERS
NIS2 expands cybersecurity measures, affecting more sectors under EU directives.
• Enhances national resilience goals.
• Guides maturity in cyber skills across industries.
GO DEEPER
In April 2024, Clusif hosted a conference to unpack the NIS2 directive's implications in France.
• Topics included paradigm shifts and regulatory landscape.
• Key speakers: Héla Slim (Magellan Sécurité) and Grégoire Lundi (FTI Consulting).
> FRANCE STRENGTHENS CYBERSECURITY LAWS.
France's new "resilience" bill enhances cybersecurity measures beyond NIS 2 guidelines.
WHY IT MATTERS
The bill aims to enhance national cybersecurity by imposing stricter controls and penalties.
• It applies to all local authorities and overseas territories, ensuring comprehensive coverage.
• The ANSSI is empowered to enforce compliance, similar to the CNIL's role with GDPR.
GO DEEPER
The resilience bill transposes EU NIS2 directives into national law with additional measures. It mandates critical entities to manage risks and mitigate incidents, backed by the ANSSI's authority to conduct inspections and impose fines up to €10 million for non-compliance. This swift implementation aims to bolster cybersecurity across France without transitional delays.
> FREE DATA BREACH CONFIRMED.
Free confirms a cyberattack exposing personal data of millions of customers.
WHY IT MATTERS
The breach includes sensitive information like names, addresses, and contract details, making users vulnerable to phishing attacks.
GO DEEPER
- A hacker claims to have data on 19 million Freebox customers.
- The data has been shared on popular hacker forums.
- Users should be cautious of phishing attempts and verify suspicious communications.
> CRISIS COMMUNICATION TIPS REVEALED.
Margaux Vincent shares essential crisis communication strategies for cyberattacks.
WHY IT MATTERS
Effective communication during a cyber crisis is crucial to minimize damage and maintain trust.
• Poor communication can worsen a crisis, damaging reputation and trust.
• Accurate, honest communication helps manage expectations and reassure stakeholders.
GO DEEPER
Margaux Vincent, from France's cybersecurity agency ANSSI, emphasizes the importance of humility, realism, and honesty in crisis communication. She recommends close collaboration between IT and communication teams to prepare and execute a well-thought-out response plan. This approach not only prevents misinformation but also keeps all parties informed and aligned, reducing the risk of leaks and speculation.
> LIVE CYBERATTACK SIMULATION.
CCI Amiens-Picardie hosted a cybersecurity morning session for business leaders.
WHY IT MATTERS
As cyber threats rise, many companies lack proper defense plans, making them vulnerable.
• 77% of businesses lack security incident plans.
• Half of companies faced cyberattacks in 2023.
GO DEEPER
The event included a live cyberattack simulation to help business leaders understand and prepare for real threats. Experts from Orange Cyberdéfense, Axa, and the gendarmerie shared insights on threats and best practices. The importance of strong cybersecurity strategies was emphasized to protect company data and operations.
> CVE PROGRAM TURNS 25.
Bitdefender celebrates 25 years of CVE as a numbering authority.
WHY IT MATTERS
As a CVE numbering authority, Bitdefender plays a crucial role in vulnerability management.
• CVE identifiers help organizations track vulnerabilities.
• Bitdefender has been a CNA since 2019, aiding global cybersecurity efforts.
GO DEEPER
Since its inception in 1999, the CVE program has grown significantly, with over 240,000 entries today. Bitdefender's involvement ensures vulnerabilities are documented and shared, enhancing global cyber defenses. Bogdan Botezatu of Bitdefender highlights the importance of integrating CVE data for effective cybersecurity operations.
> EU STRENGTHENS CYBERSECURITY COMPLIANCE.
The EU has adopted a new implementing regulation for the NIS 2 directive to enhance cybersecurity across member states.
WHY IT MATTERS
This regulation provides clear guidelines to help essential and important entities improve their cybersecurity measures.
- It translates the general principles of the NIS 2 directive into actionable obligations.
- Aims to strengthen risk management frameworks, incident management, and supply chain security.
GO DEEPER
The regulation outlines specific measures for DNS providers, cloud services, and social media platforms to mitigate cybersecurity risks. It emphasizes proportionality, ensuring even smaller entities can adapt without undue burden. It also establishes criteria for significant incident reporting and provides guidance from ENISA to support compliance.
> NIS-2: REGULATION VS. CYBERATTACKS
The European NIS-2 directive, mandating cybersecurity measures for key companies, will take effect on October 1st.
WHY IT MATTERS
This regulation could impose significant costs on businesses deemed essential for the economy's functioning.
- The directive aims to shield vital economic players from cyber threats.
- It introduces strict legal, technical, and organizational requirements.
GO DEEPER
Companies categorized as essential or important must comply based on activity criticality, size, and revenue. The directive emphasizes economic protection, holding executives accountable for non-compliance. With cybercrime costing billions globally, NIS-2 seeks to enhance economic resilience, though compliance may not guarantee security.
> KEY EU DIGITAL LAWS OVERVIEW.
The European Commission has introduced several crucial digital legislation texts over the past five years.
WHY IT MATTERS
These regulations aim to enhance digital services' security and user protection while addressing illegal content.
- Digital Services Act (DSA) and Digital Markets Act (DMA) target online platforms and market fairness.
- Data Act and AI Act focus on data sharing and AI system regulations.
- Cybersecurity is bolstered by NIS 2, REC Directive, and DORA Regulation.
GO DEEPER
The DSA enforces transparency and accountability on platforms, while the DMA ensures fair competition. The Data Act governs data access and distribution, and the AI Act mandates ethical AI use. Cyber resilience is strengthened by directives like NIS 2, which secures essential services, and DORA, focusing on financial market stability. These laws collectively shape a safer, more equitable digital landscape in the EU.
> IMPACTCYBER INITIATIVE LAUNCHED.
Cybermalveillance.gouv.fr and partners launch ImpactCyber to boost cybersecurity in small businesses.
WHY IT MATTERS
Small businesses, making up 99% of France's economy, are vulnerable to cyber threats yet lack adequate protection. The initiative aims to raise awareness and provide practical cybersecurity resources.
GO DEEPER
The operation includes a study to assess cybersecurity maturity, a communication campaign to encourage protective measures, and a cybersecurity guide offering practical advice. Despite recognizing cyber risks, many small businesses underestimate their exposure and lack the resources to respond effectively.
> CRITICAL VULNERABILITIES ALERT.
CERT-FR highlights major vulnerabilities this week, including critical flaws in Firefox and Cisco products.
WHY IT MATTERS
These vulnerabilities pose significant security risks, allowing for potential remote code execution.
• Mozilla Firefox and Cisco Nexus issues scored 9.8-9.9 on CVSSv3.
• Immediate action is required to mitigate these threats.
GO DEEPER
CERT-FR advises reviewing vendor notices for patches. Affected products include OpenPrinting CUPS, Microsoft Visual Studio, and Zimbra. For detailed advisories, visit CERT-FR's official site.
> CRITICAL VULNERABILITIES UPDATE.
CERT-FR highlights significant vulnerabilities for the past week, emphasizing their critical nature.
WHY IT MATTERS
These vulnerabilities pose serious risks to information systems and require immediate action.
• Aruba Networks: Remote code execution vulnerabilities (CVE-2024-42505, CVE-2024-42506, CVE-2024-42507).
• Tenable: Remote code execution and denial of service vulnerabilities (CVE-2024-45491, CVE-2024-45492).
• OpenPrinting CUPS: Multiple vulnerabilities allow system information access and remote code execution.
• Zimbra: Remote code execution vulnerability (CVE-2024-45519), public exploit codes known.
• SolarWinds: Security bypass vulnerability (CVE-2024-28987) with a public proof of concept.
GO DEEPER
Users are advised to consult vendor advisories for patches and implement action plans for vulnerabilities that affect their systems. Proper testing and precautions during updates are essential to maintain service continuity.
> SAAS BACKUP: A TOP PRIORITY
Companies are prioritizing SaaS data backup due to increasing risks from service outages.
WHY IT MATTERS
The recent CrowdStrike outage highlighted vulnerabilities in SaaS dependencies, prompting CIOs to reassess backup strategies.
- SaaS data is vital for operations, and disruptions can severely impact businesses.
- Gartner predicts that by 2027, over 75% of companies will prioritize SaaS backup, up from 15% today.
GO DEEPER
Companies are evaluating SaaS providers' backup capabilities and considering additional redundancy measures. The increased reliance on SaaS means that ensuring data recovery is becoming critical for business continuity.
> PATCH MANAGEMENT CHALLENGES PERSIST.
Despite advancements, many organizations struggle with effective patch management, leaving systems vulnerable.
WHY IT MATTERS
Failure to apply patches promptly can lead to security breaches and operational disruptions.
• Only 40% of companies address critical vulnerabilities within 30 days.
• Organizations manage an average of 2,900 applications, complicating updates.
• Automation tools help but can't replace strategic oversight.
GO DEEPER
Patch management is a complex task compounded by legacy systems and organizational challenges. Many businesses face hurdles in prioritizing and applying patches due to diverse IT environments and a lack of integrated security practices. Effective strategies require collaboration between IT and security teams, focusing on shared goals to enhance system resilience.
> SHADOW IT RISKS EXPOSED.
Employees increasingly use unauthorized IT solutions, posing security risks.
WHY IT MATTERS
Shadow IT can lead to significant security threats, compliance issues, and hidden costs:
• 85% of organizations face cyber incidents, 11% linked to shadow IT.
• 81% of business workers use non-approved SaaS apps.
• Shadow IT spending can account for 30-40% of the budget.
GO DEEPER
Strategies to manage shadow IT include understanding root causes, educating employees, establishing clear policies, and leveraging technology like External Attack Surface Management (EASM) tools for real-time monitoring. These measures help organizations mitigate risks and enhance their security posture.
> FRENCH SMES UNDER CYBER THREAT.
49% of surveyed French SMEs have faced cyberattacks, revealing sector disparities.
WHY IT MATTERS
• Commerce most affected: 75% hit by cyberattacks.
• Cyberattacks lead to service disruptions and data theft.
• SMEs investing more in cybersecurity post-attack.
GO DEEPER
Despite 82% having antivirus and 80% firewalls, SMEs still face significant threats. Many rely on managed security service providers for protection, highlighting the importance of proactive cybersecurity measures.
> FRENCH SMES FACE CYBERSECURITY CHALLENGES.
A study reveals gaps in French SMEs' cybersecurity as new EU regulations loom.
WHY IT MATTERS
With the upcoming NIS 2 directive, cybersecurity is becoming a legal obligation for many SMEs, highlighting the need for better protection measures.
• SMEs are vulnerable to cyberattacks but often lack the resources to defend against them.
• The study shows that while 80% have basic protections like firewalls, more advanced measures are necessary.
• Cyber threats are diverse, affecting sectors like commerce and agriculture disproportionately.
GO DEEPER
The study by WatchGuard and OpinionWay highlights that 29% of attacked SMEs faced service disruptions, revealing the critical impact of cyber threats. As NIS 2 comes into effect, SMEs must adopt comprehensive cybersecurity strategies, including regular audits and real-time threat detection, to protect their operations. The emotional stress on decision-makers is also significant, indicating the broader impact of cybersecurity risks on personal well-being.
> EU'S CYBERSECURITY OVERHAUL.
The Cybersecurity Act is redefining ENISA's role in response to growing cyber threats.
WHY IT MATTERS
- The regulation poses significant challenges and costs, especially for small and medium enterprises.
- It introduces a framework for cybersecurity certification, impacting IT and legal departments.
- Companies must adapt through certification schemes and expert consultations to stay compliant and competitive.
GO DEEPER
The Cybersecurity Act, adopted in 2019, is crucial for creating a regulatory framework for cybersecurity in the EU. It requires firms to invest in advanced technologies and staff training. ENISA's enhanced role aids cross-border cybersecurity efforts, while a new EU certification framework standardizes practices, focusing on IT product security. Despite potential high compliance costs, aligning with these standards boosts consumer trust and fosters innovation.
> CRITICAL VULNERABILITIES ALERT.
The latest CERT-FR bulletin highlights significant security vulnerabilities from the past week.
WHY IT MATTERS
These vulnerabilities pose major risks and require immediate action.
- CVE-2024-8963: Ivanti Cloud Services Appliance exploited, CVSSv3 score 9.4.
- CVE-2024-8190: Ivanti Cloud Services Appliance, remote code execution, CVSSv3 score 7.2.
- CVE-2024-38812: VMware vCenter Server, remote code execution, CVSSv3 score 9.8.
- CVE-2024-42472: IBM QRadar SIEM, data integrity breach, CVSSv3 score 10.
GO DEEPER
- CVE-2024-45409: GitLab vulnerability allows authentication bypass.
- CVE-2024-40711: Veeam Backup and Replication, remote code execution, CVSSv3 score 9.8.
- CVE-2024-43461: Microsoft Windows vulnerability actively exploited.
- More vulnerabilities added by CISA to known exploited list.
> AI CYBERATTACKS RISE BY 2025.
37% of U.S. IT pros rank AI-enhanced attacks as the top threat for 2025, per GetApp's latest report.
WHY IT MATTERS
• AI-enhanced malware is the leading AI threat, cited by 60% of global IT professionals.
• Phishing and ransomware remain common but are increasingly sophisticated due to AI.
• Businesses must adopt new defensive strategies to combat these evolving threats.
GO DEEPER
• Ransomware: 44% of U.S. companies affected in 2024; recovery rates are improving.
• Phishing: 87% of U.S. organizations targeted; 74% of employees clicked malicious links.
• Cloud security: 56% of U.S. data breaches due to software vulnerabilities.
• MFA adoption: 51% of U.S. companies use MFA for all applications, above the global average.
> CYBERSECURITY RESOURCE GAPS.
Only 24% of French CISOs have enough resources for 24/7 cybersecurity coverage.
WHY IT MATTERS
The lack of board support for cybersecurity leaves companies vulnerable.
• 36% of CISOs have adequate cybersecurity resources.
• 35% use attack surface management techniques.
• 34% comply with regulatory frameworks like NIST.
GO DEEPER
A Trend Micro report highlights the need for better leadership and unified communication in cybersecurity. Many organizations face inconsistent cybersecurity efforts due to a lack of clear direction from top management. In France, 24% of CISOs have enough resources, with leadership often failing to take responsibility for cybersecurity issues.
> FRENCH CYBERDEFENSE EVOLVES.
Arnaud Coustillière declares French cyberdefense has caught up in the last decade.
WHY IT MATTERS
- France was lagging behind Anglo-Saxon countries in cyberdefense a decade ago.
- Significant investments and strategic legal frameworks have closed the gap.
- Military and civil sectors now show strong organizational and regulatory structures.
GO DEEPER
Arnaud Coustillière, former Commandant Cyber of the French Army, now leads the Pôle d’excellence Cyber, enhancing France’s cyber capabilities. Challenges include low engagement in scientific fields and a lack of diversity in cybersecurity. The PEC focuses on research, training, and business development to foster a robust, independent French cyberdefense sector.
> AI-DRIVEN ETHICAL HACKERS.
EC-Council launches CEH v13, integrating AI into ethical hacking.
WHY IT MATTERS
This certification equips cybersecurity professionals with AI skills to tackle modern cyber threats.
• AI-enhanced techniques increase hacking efficiency by up to 40%.
• 221 hands-on labs and 4000+ hacking tools provided.
• Includes a year-long Capture the Flag competition.
GO DEEPER
Trainees will master AI-driven hacking techniques, focusing on core cybersecurity domains and OWASP Top 10 AI attacks. For more, visit: https://www.eccouncil.org/cehv13ai/
> EU AI OVERSIGHT SHIFT.
The European Data Protection Board (EDPB) recommends that data protection authorities oversee high-risk AI systems.
WHY IT MATTERS
Designating data protection authorities (DPAs) as market surveillance authorities (MSAs) will leverage their expertise in handling personal data and ensure better regulation and security.
- DPAs’ independence and understanding of AI risks make them suitable for this role.
- Clear cooperation procedures between various regulatory bodies will be established.
- A new European data protection label for compliance with GDPR is introduced.
GO DEEPER
- The EDPB’s statement was adopted in July, aiming for member states to appoint national authorities by August 2025.
- DPAs should be the single contact points for the public and EU counterparts.
- The EuroPriSe certification criteria for subcontractors now apply EU-wide, enhancing data protection assessment.
> DATA BREACH AT ASSURANCE RETRAITE
Assurance Retraite confirms the theft of data from 370,000 beneficiaries.
WHY IT MATTERS
The compromised portal has been taken offline, but sensitive personal information, including social security numbers and income details, was stolen.
GO DEEPER
- The breach was caused by unauthorized access to the PPAS portal.
- Most stolen data is old; some affected individuals are deceased.
- No financial or payment-related information was compromised.
- A report has been filed with the CNIL, and legal action is being pursued.
> CAPGEMINI DATA BREACH.
Capgemini faces a significant data breach with internal data leaked on hacker forums.
WHY IT MATTERS
- 20GB of internal data allegedly stolen.
- Potential infiltration via an Indian subsidiary.
- Raises concerns about targeted attacks against Capgemini's environmental initiative in India.
- Could impact Capgemini's UK tax systems contract.
GO DEEPER
Two hackers, possibly the same individual under different aliases, have leaked data on the dark web. The breach might stem from a subdomain related to an environmental project in India, posing questions about the motives behind the attack—whether it’s a competitor or politically driven.
> CRITICAL VULNERABILITIES THIS WEEK
CERT-FR highlights significant vulnerabilities from September 9 to 15, 2024.
WHY IT MATTERS
These vulnerabilities pose critical risks and must be addressed immediately.
- GitLab, Nessus, Siemens, Microsoft, Adobe, Ivanti: Remote code execution and denial of service vulnerabilities.
- Active exploits: Multiple vulnerabilities are being actively exploited.
- Action required: Apply patches as advised by vendors to secure your systems.
GO DEEPER
- Full details and advisories available on CERT-FR's website.
- Example: GitLab CE (CVE-2024-6678) has a critical score of 9.9; patch is available.
- Regular updates and specific advisories ensure comprehensive risk management.
> EU CLOUD CERTIFICATION THREAT.
EUCS certification threatens France's SecNumCloud standards.
WHY IT MATTERS
The proposed EU cloud certification (EUCS) omits crucial protections, potentially allowing foreign powers like the US and China access to sensitive data. This undermines France's SecNumCloud and could derail national cloud strategies.
GO DEEPER
- The EUCS lacks the "High+" level, crucial for immunity against US and Chinese laws.
- France's cloud strategy, including the new SREN law, relies on SecNumCloud's stringent criteria.
- The debate intensifies as 12 EU countries oppose strict sovereignty standards, with the final decision left to the next EU Commission.
> CLUSIF'S NEW CYBER CHARTER.
Clusif has released a good conduct charter for cyber rating agencies.
WHY IT MATTERS
The charter aims to address issues in cyber evaluation, ensuring consistency and transparency for organizations being rated:
• Reduces time-consuming and complex questionnaires.
• Promotes trust and improvement among rating agencies.
• Helps organizations better understand and use their cyber ratings.
GO DEEPER
The charter, developed over a year of collaborative work, is freely accessible along with a detailed presentation of its objectives:
• [Download the Charter](https://clusif.fr/wp-content/uploads/2024/04/Charte-de-bonne-conduite-des-acteurs-de-la-notation-cyber-1.pdf)
• [Read the report "Le Scoring cyber"](https://clusif.fr/wp-content/uploads/2024/04/20240417-Le-Scoring-cyber-1.pdf)
> CYBERATTACKS: A COSTLY THREAT
A single vulnerability can sink a business, as Kaspersky's analysis reveals.
WHY IT MATTERS
Cyberattacks are increasingly frequent and severe:
• Financial losses: Direct and indirect costs can be immense.
• Operational disruptions: Can paralyze daily activities for days or weeks.
• Long-term costs: System restoration and legal issues linger.
• Reputation damage: Loss of customer trust can be irreparable.
GO DEEPER
Kaspersky highlights a case where Johnson Controls faced a ransomware attack, costing over $27 million in damages. Key impacts include disrupted billing systems, strained business operations, and compromised global relationships. Protecting against cyber threats is crucial for business continuity.
> NEW EU CYBERSECURITY LAW
The Cyber Resilience Act (CRA) redefines product security in the EU, impacting all digital products.
WHY IT MATTERS
The CRA mandates higher security standards for all digital products in the EU to protect consumers and businesses.
- Affects manufacturers, importers, and distributors.
- Non-compliance can lead to hefty fines up to €15 million or 2.5% of global turnover.
- Includes all products with digital elements, with special rules for critical products.
GO DEEPER
The CRA involves a rigorous process for compliance, including:
- Legislative gap analysis
- Product security assessments
- Updated user documentation
- Vulnerability management
- Continuous internal review
Wavestone has been pivotal in shaping this act and provides insights for businesses to navigate this new landscape.