Cybersecurity

• Maturity Audit and Security Posture Assessment
  
  • Comprehensive analysis of existing controls (processes, tools, organization) based on recognized frameworks (ISO 27001, NIST, SWIFT CSCF, SOC 2, etc.)
  • Provides a clear and prioritized status report, with an optional industry benchmark
• Third-Party Risk Management (TPRM) security assessment
  
  • Assessment of providers’ compliance with client security requirements and best practices
  • Delivers a clear and prioritized status report, with an optional benchmark
• Cyber risk mapping and criticality analysis
  
  • Identification of relevant risk scenarios, assessment of impact and likelihood, followed by hierarchical risk mapping
  • Objective: translate technical challenges into concrete business risks understandable by leadership
• Cybersecurity master plan and roadmap definition
  
  • Development of a multi-year strategic cybersecurity vision integrated with the information system and corporate strategy
  • Roadmap includes prioritized projects, milestones, estimated budgets, and clear alignment with compliance and innovation goals
• Cyber GRC governance setup
  
  • Structuring committees, roles, responsibilities, management processes, and documentation
  • Can be integrated with existing GRC processes (ERM, quality, compliance) for consolidated risk management
• Cyber KPI/KRI definition and monitoring
  
  • Selection and implementation of relevant security indicators (tactical, operational, strategic), with regular reporting to executive management or risk department
• Regulatory Compliance Support
  
  • Preparation and maintenance of compliance with applicable regulations, directives, and standards: AI Act, NIS2, DORA, GDPR, LPM, etc.
  • Audit assistance, requirements scoping, and remediation planning.
• SOC 2 / ISAE 3000 / DORA and Other Certification Support
  
  • Initial diagnosis / status assessment
  • Scope definition and Trust Service Criteria (TSC)
  • Gap analysis / maturity evaluation
  • Control design and implementation
  • Remediation and tooling phase
  • Audit preparation and simulation
  • Assistance during independent audit
  • Post-audit follow-upt

• Definition of cybersecurity strategy
  
  • Development of an information security master plan aligned with business challenges, identified risks, and regulatory requirements
  • Prioritization of projects, resource scoping, and planning
• Oversight of security governance
  
  • Establishment and facilitation of cybersecurity committees, monitoring of action plans, coordination of stakeholders (IT, risk management, business units, service providers)
  • Regular reporting to senior management or the Executive Committee (COMEX)Regular reporting to senior management or the Executive Committee (COMEX)
• Monitoring of security indicators and reporting
  
  • Development and monitoring of KPIs/KRIs tailored to your organization: vulnerability remediation rates, detected incidents, regulatory compliance, progress of information security plans
  • Consolidating dashboards
• Management of compliance and audits
  
  • Preparation for audits including AI Act, ISO standards, SOC 2, NIS2, GDPR, and others
  • Managing responses to internal and external controls
  • Monitoring of remediation plans
• Management of cybersecurity and IT projects
  
  • Oversight or assistance in deploying security projects (IAM, SOC, network segmentation, audits, etc.) working closely with your internal teams or external vendors
• Incident management and crisis communication
  
  • Involvement in crisis response teams
  • Internal and external communication
  • Support in incident management and escalation to authorities if necessary
• External representation
  
  • Acting as the company’s security spokesperson to clients, partners, suppliers, auditors, and regulators as required
  • Drafting of security-related contractual or regulatory documentation

• AI Red Teaming
  
  • Assessment of artificial intelligence models and their exposure to specific risks: adversarial attacks, model extraction, data poisoning, poor API isolation, and inadequate model governance
• Penetration Testing (Pentest)
  
  • Targeted or comprehensive assessment of your systems (infrastructure, web applications, cloud, APIs, workstations, Wi-Fi network, etc.) using controlled offensive techniques
  • Each identified vulnerability is documented, prioritized, and accompanied by concrete and actionable remediation plans.
• Red Teaming / Purple Teaming
  
  • Realistic attack simulations under real-world conditions (without notifying internal teams), with business-oriented objectives (data exfiltration, account takeover, privilege escalation)
  • Integration of Purple Team exercises to enhance the detection and response capabilities of your defense teams
• Configuration and code audits
  
  • Comprehensive security assessment of software components, system configurations—including Active Directory, servers, and cloud environments—and source code, covering back-end, front-end, and automation scripts
• Social engineering tests
  
  • Conducting phishing, vishing, and physical intrusion campaigns to evaluate human and organizational resilience to manipulation
  • Analysis of results and awareness recommendations
• External Attack Surface Management
  
  • Mapping of your internet-exposed assets, detection of vulnerabilities and publicly accessible sensitive information
  • Passive and active monitoring of your digital footprint
• Post-test support
  
  • Detailed presentation of results in committee meetings
  • Remediation assistance
  • Drafting of prioritized action plans
  • Follow-up tests to confirm remediation effectiveness

• Continuous vulnerability mapping
  
  • Automated and regular scanning of your assets (servers, endpoints, applications, containers, cloud) using advanced scanning tools
  • This technical monitoring ensures an up-to-date view of your exposure surface.
• Contextualized criticality analysis
  
  • For each detected vulnerability, we correlate technical scores (CVSS and EPSS), exploitability factors (KEV, availability of public exploits, presence of network vectors), and potential impact on your critical business processes.
• Remediation planning and management
  
  • We assist you in defining priorities, scheduling fixes, and coordinating between technical teams, with rigorous tracking of deadlines and applied treatments.
• Dashboard and Key Indicators Performence
  
  • Provision of consolidated KPIs and KRIs: unpatched critical vulnerabilities, average remediation times, exposure levels by entity or environment
  • These elements enable clear, actionable management by IT and Cyber leadership.
• Regular security steering committee
  
  • Organization of monthly or quarterly committees to analyze trends, arbitrate priorities, monitor progress, and raise awareness among decision-makers about real risks associated with unaddressed vulnerabilities
• Integration with our SOC / GRC services
  
  • Capability to interface the VOC with a SOC to detect exploitation attempts in real time, or with cybersecurity governance to escalate risks into the organization’s overall risk map

• System hardening
  
  • Applying security best practices, including CIS Benchmarks and local regulatory guidelines, across operating systems, databases, application servers, and network equipment
  • Minimizing the Technical Attack Surface
• Access and Identity Management (IAM)
  
  • Deployment or enhancement of strong authentication solutions, privileged account management (PAM), and identity governance (including lifecycle and access rights reviews), with a strong focus on segregation of duties
• Network segmentation and zoning
  
  • Deployment or assessment of network segmentation strategies — including LAN, VLAN, and DMZ—as well as micro-segmentation within cloud or data center environments, combined with inter-zone traffic filtering.
  • The goal is to restrict lateral movement during a security breach.
• Securing cloud environments
  
  • Security configuration review across AWS, Azure, and GCP platforms, including role management, access policies, encryption, activity logging, and managed service settings
  • Ensuring compliance with Cloud Security Alliance (CSA) best practices
• Endpoint and Bring Your Own Device (BYOD) security
  
  • Strengthening user endpoints through encryption, access restrictions, Mobile Device Management (MDM), and Endpoint Detection and Response (EDR)
  • Remote work environment security
  • Integration of a clear BYOD policy
• Securing DevOps and CI/CD pipelines
  
  • “Review of the development pipeline and CI environments, including secrets management, access control, runner hardening, and container security

• Deployment and configuration of SIEM
  
  • Deployment of a SIEM solution scaled to your organization's size and traffic volumes
  • Gathering, normalizing, and correlating logs generated by your systems, networks, applications, and security equipment
• Implementation of Endpoint Detection and Response (EDR) and Network Detection and Response (NDR) systems
  
  • Deployment and operation of EDR and/or NDR systems to detect abnormal activities on networks, endpoints, servers, and cloud environments, featuring automated escalation of contextualized alerts
• Development of use cases and detection policies
  
  • Creation of tailored detection scenarios aligned with your unique risk profile, including data exfiltration, lateral movement, authentication breaches, anomalous SaaS usage, and more
  • Integration of DORA and NIS2 requirements, if applicable
• Continuous monitoring and event analysis
  
  • 24/7 active monitoring or defined time slots, including investigation of suspicious events, alert qualification, and escalation according to a jointly defined protocol
• Minimization of false positives with enhanced contextualization
  
  • Tailoring detection rules to your unique technical and business environment.
  • Incorporating Threat Intelligence to enhance alerts with pertinent Indicators of Compromise (IOCs)
• Executive dashboards and reporting
  
  • Delivery of intuitive dashboards to support operational and strategic oversight, featuring metrics such as average detection time, alert categories, severity levels, and remediation activities
  • Monthly reporting and review committees
• Simulated cyber attack exercises (Purple teaming)
  
  • Ongoing assessment of detection effectiveness via controlled attack simulations (Red team light), fostering a culture of continuous improvement
• Alignment with the incident response plan
  
  • Smooth integration with incident response teams, including playbooks, escalation procedures, and crisis management protocols
  • Capability to be combined with our CSIRT and crisis management offerings

• Rapid activation of a cyber crisis team"
  
  • "Deployment of specialized experts—including technical, crisis management, communication, and governance roles—to coordinate and manage incident response following proven frameworks (CERT/CSIRT)
• Technical analysis & forensic investigation
  
  • Gathering and analyzing artifacts such as logs, network flows, disk images, and files.
  • Attack chain reconstruction
  • Identifying attack vectors and affected systems
• Containment of the attack and implementation of remediation actions
  
  • Segmentation of affected systems
  • Revocation of unauthorized acces
  • Remediation of infected endpoints and servers
  • Enhancement of security measures following an incident
• Regulatory compliance management and crisis communication
  
  • Assistance with notification to local regulatory authorities
  • Preparation of internal and external messages
  • Collaboration with legal, business, and partner teams
• Secure environment reinstatement
  
  • System reinstallation or recovery
  • Verification of data/system integrity
  • Security testing after system restoration
  • Assistance with phased business continuity recovery
• Business impact assessment and related documentation
  
  • Evaluation of operational, legal, financial, and reputational consequences
  • Development of incident reports tailored for both internal and external stakeholders
• Lessons learned and ongoing improvement
  
  • Conducting lessons learned session
  • Root cause analysis
  • Enhancement recommendations for current controls—technical, organizational, and contractual
• Readiness training through simulated exercises
  
  • Facilitation of cyber exercises and tabletop simulations to prepare your teams for effective response during future crises

• Leadership and Executive Committee (COMEX) acculturation
  
  • Strategic sessions on cyber and AI challenges: governance, legal responsibility, compliance (AI Act, DORA, NIS2, GDPR), crisis management, reputational impacts
  • Objective: to enable informed decisions and active engagement of decision-makers
• Staff training on cyber hygiene best practices
  
  • Deployment of awareness programs tailored to all profiles: e-learning, workshops, interactive materials, posters, security challenges
  • Topics covered: phishing, passwords, use of AI tools, secure browsing, vigilance against misinformation
• Technical training for IT and data teams
  
  • Advanced modules on securing AI environments (MLOps, APIs, training data storage, IAM), detecting AI-driven attacks (model poisoning, adversarial inputs), and implementing appropriate security policies
• Training on AI governance and ethics
  
  • For business units, legal, compliance, and data owners: principles of responsible AI, explainability, transparency, bias management, and emerging regulatory frameworks (AI Act, ISO 42001...)
• Cyber / AI crisis management workshops
  
  • Realistic incident simulations including chatbot breaches, scoring engine manipulations, and model exfiltration
  • Objective: test team coordination, strengthen response processes, and enhance organizational resilience
• Definition of tailored learning paths by target audience
  
  • Development of annual or multi-year training plans integrated into your cyber and AI strategy
  • Adaptation of formats (in-person, remote, blended) and monitoring of skill development
• Assessment of learning outcomes and maturity indicators
  
  • Assessment tests
  • Training feedback questionnaires
  • Monitoring the advancement of security culture metrics and the uptake of AI challenges
• Alignment with your governance, risk management, and compliance efforts
  
  • Evidence and proof of awareness activities for internal audits, ISO certifications, SOC 2 / ISAE 3000 attestations, or regulations (DORA, GDPR, AI Act)

‍