The "digital revolution" is transforming society at an unprecedented rate. However, the evolution of cyber threats, regulations and business requirements is creating new challenges and jeopardising the success and the adoption of digital transformation programmes.
Our strategy combines innovative software solutions and personalised support to meet the three major challenges of cybercrime, regulatory compliance and protection of personal data.
Cyber security has unfortunately become one of the major concerns of business leaders.
Company data such as intellectual property, customer data, financial information, etc. have a monetary value for cybercriminals who have therefore become professional and structured. We have to deal with cyberpirates at the service of State or mafia organisations. They are highly motivated adversaries with excellent skills. Dispersed and disorganised attacks, devised with the sheer will to do harm, have given way to extremely sophisticated attacks.
The evolution in the scope of companies and organisations is an aggravating factor. Companies, which were formerly modelled as fortresses, has given way to companies that are open to new technologies, connected objects, mobility, and the cloud, thus increasing the area of vulnerability of digital businesses. And cybercriminals are quick to exploit any flaw.
The security model for companies and organisations, which was initially designed around the network must now be geared towards data, individuals and risks, with efficient procedures and solutions in terms of governance, risk management and compliance.
Regulations, a vector for accelerating cybersecurity
GDPR, NIS, PSD2, NLA, MPL, etc... Whatever the sector or type of company, practices and organisations will undergo major changes as a result of new European regulations. This particularly concerns IT infrastructures, digital identity management and personal data. With increasingly dissuasive criminal and financial sanctions (up to 4% of global turnover for the GDPR), compliance has thus become a key axis in business strategy for cybersecurity. In particular, the protection of personal data has become a pillar of digital sovereignty. Data Protection Correspondents and future DPOs need to transform their businesses to guarantee the respect of citizens’ rights and an optimal level of security.
Cybersecurity at the heart of Gfi's Practices
Cities are transforming into open and connected Smart Cities, with intelligent networks linking Internet of Things, Cloud and Big Data.
At the heart of these spaces, personal data is processed and is accessible to an ever-increasing number of people and information systems. Cyber-attacks on a Smart City can have serious consequences for citizens: what would be the consequences of an attack on the electrical system of a hospital, or a city’s traffic light system?
The growth of Smart Cities requires cyber risks to be taken into account. Excellence in terms of cybersecurity is also an imperative.
Omnicommerce businesses are favourite targets of hackers and fraudsters. However, consumer confidence in these companies is conditioned by the level of security of the financial or personal data they manage.
There are many examples of trading companies having been pirated. In 2013, a giant American distribution chain was the victim of a large cyber-attack in which at least 40 million bank cards were hacked and some 70 million other personal details were stolen. The cyber-attack cost the CEO and the CIO their jobs and $ 1 billion to the company.
Without confidence, there is no growth. The fight against cybercrime is vital to omnicommerce.
In 2009 Stuxnet caused damage the uranium enrichment plant in Natanz. In 2014, a blast furnace was damaged in a German steelworks by an APT. In December 2016, a Ukrainian power station was neutralised by cyberpirates: 250,000 people were left without electricity. Attacks on industrial systems are a reality.
Being ever more connected, Industry 4.0 converges the IT world with that of OT and is consequently exposed to cyber-attacks. But every industrial revolution is accompanied by an essential security aspect: for the steam engine, there was the safety valve; for electricity there are fuses, for automation there are safety controllers and for Industry 4.0 there is cybersecurity, which has become an intrinsic property of these factories of the future.
Cybersecurity is therefore essential to Industry 4.0.
Banking is being digitalised to take account of new technologies and the new habits of its ever more autonomous, mobile and connected customers. Developments in Digital Banking require the information systems of banks and its partners to be more open. As a result, new threats emerge. The cybersecurity strategy of banks must therefore skilfully combine regulations, security and agility of the IS with user comfort of new digital tools.
From the protection of your information system, to access control of individuals, Gfi Informatique offers you a global answer to your security issues.
Management and CISOs must respond to these issues and Gfi Informatique accompanies you in this cybersecurity transformation with a homogeneous combination of services and solutions providing a continuous and global vision of the security of the IT (Management System), the OT (Industrial System) and the IoT (Internet of the Things).
Gfi Informatique Solutions
The overall view of the activity of an information system is essential to improve its understanding, performance and thus meet compliance requirements.
This is the essence of the Keenaï range, which offers 3 solutions:
- Keenaï Report is the solution that makes easy to visualise the security of the information system in real time and to be part of a proactive approach to security governance.
- Gfi Informatique innovates, with a business-led approach to cybersecurity operational centres. By integrating the requirements of the Security Incident Detection Service Provider repository of the ANSSI (the French National Information Systems Security Agency) at the heart of its functioning, Keenaï SOC facilitates compliance with the requirements of the Military Programming Act (MPL) and improves the capacity of detection of security incidents. This solution, given the "France Cybersecurity" label by the ANSSI, makes it possible to correlate all the events of a company thanks to the integration of Big Data technologies and its sophisticated algorithms in Machine Learning, offers the capacity to model the functioning of information systems, to identify abnormal behaviour.
- Keenaï Scada is the IT & OT security supervision solution enabling each infrastructure to benefit from knowledge of the activity of the others, in order to act as soon as possible. This solution is non-intrusive for industrial sites and is used thanks to secure Network TAPs. Integration is facilitated by source code analysis tools and automatic communication learning from industrial IoTs. This is the solution for securing Industry 4.0.
The protection of your employees, sites and installations is equally as important.
- Our Security Services solution offers access control management at all levels. With a set of specialised peripherals, this solution makes it possible to adapt to your different requirements for flow management of people, with video surveillance, head counts and alarm management. And for maximum efficiency, Security Services integrates with our Time Management solutions.
- Our Biometeria range of solutions offers a complete biometric identification solution, integrating one or more biometric technologies: fingerprints, digital signature and facial recognition. This multimodal biometry service facilitates the development of applications requiring advanced biometric identification and high performance.
Our mission: to guide you in your cybersecurity transformation
Gfi Informatique offers a range of cybersecurity services to accompany you in the security of your digital transformation:
- Accompanying the CISO in their missions: IMS Framework, security policy, risk analysis...
- Ensuring business continuity: BCP / DRP, Backup strategy, IT continuity ...
- Integrating, operating and administering security solutions, which protect your business: anti-virus, firewall, IPS...
- Maintaining the secure operating conditions of your infrastructure
- Supervising your security with our Security Operations Centre (SOC)
- Accompanying DPOs in their duties: situational analysis, GDPR programme,
Thanks to our knowledge of IT risks, strategies and practices of large and small businesses, we can develop relevant and effective cyber security strategies and thus address key business issues:
- How can I comply with regulatory requirements, including the GDPR?
- How can I transform my security model that is "Network" oriented into a "Data" oriented model?
- Is my company resilient and secure enough?
- How to implement, deploy and monitor a security policy
- How can I transform the day-to-day practices of my employees, involve the general management and develop a true cybersecurity culture?
- Are the risks of my digital transformation under control?
In France and abroad, our consultants, experts and engineers with their cybersecurity skills and in-depth knowledge of standards, processes, methods and tools are there to support you in the security of your digital transformation.