{"id":15384,"date":"2025-05-07T12:47:12","date_gmt":"2025-05-07T10:47:12","guid":{"rendered":"https:\/\/www.poggi-avocats.com\/?p=15384"},"modified":"2025-05-19T19:12:33","modified_gmt":"2025-05-19T17:12:33","slug":"cyber-risk-management","status":"publish","type":"post","link":"https:\/\/www.poggi-avocats.com\/en\/la-gestion-du-risque-cyber","title":{"rendered":"Cyber risk management"},"content":{"rendered":"<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Cyber risk management\" width=\"1200\" height=\"675\" src=\"https:\/\/www.youtube.com\/embed\/Pj8tdKlidBI?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>The ANSSI published its threat overview on 11 March, highlighting two main risks: threats linked to the use of AI, attacks on hypervisors, the software used by cloud service providers to manage their customers, and attacks on the supply chain.<\/p>\n\n\n\n<p>A growing proportion of companies' value comes from their data, reputation and intellectual property.<\/p>\n\n\n\n<p>It is therefore essential to identify and locate these assets, map the associated risks and assess the potential financial impact if the risks materialise. This enables decision-makers to make informed cyber protection investment decisions.<\/p>\n\n\n\n<p>Decision-makers are ultimately responsible for cyber risk, and regulatory constraints are increasing.<\/p>\n\n\n\n<p>Cyber risk management requires a documented process that includes a BCP, identified players and drills.<\/p>\n\n\n\n<p>The cast includes :<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Incident response teams: Internal or external SOC. The ANSSI has set up regional CSIRTs to deal with requests for cyber assistance from medium-sized organisations.<\/li>\n\n\n\n<li>Cyber insurers, who have experience of their customers' claims.<\/li>\n\n\n\n<li>Lawyers, particularly for reporting issues, which can be delicate and restrictive, especially in an international context. For example: declarations to the CNIL, ANSSI and foreign authorities.<\/li>\n\n\n\n<li>Provide lawyers with a media service to communicate with the people concerned.<\/li>\n<\/ul>\n\n\n\n<p>It should be noted that the Senate began examining the law transposing NIS 2 at the beginning of March. Already transposed in Italy and Belgium, there will be no over-transposition in France. It is advisable to wait for the ANSSI requirements framework before demonstrating compliance.<\/p>\n\n\n\n<p><\/p>","protected":false},"excerpt":{"rendered":"<p>ANSSI published its threat overview on 11 March, highlighting two main risks: of course, threats linked to the use of AI, attacks on hypervisors, the software used by cloud providers to manage their customers, and attacks on the supply chain. A growing proportion of the value added ... <a title=\"Cyber risk management\" class=\"read-more\" href=\"https:\/\/www.poggi-avocats.com\/en\/la-gestion-du-risque-cyber\" aria-label=\"Read more about Cyber risk management\">Read more<\/a><\/p>","protected":false},"author":4,"featured_media":10243,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"none","_seopress_titles_title":"La gestion du risque cyber","_seopress_titles_desc":"L'ANSSI a publi\u00e9 son panorama de la menace e 11 mars, mettant en lumi\u00e8re deux risques principaux : bien entendu, les menaces li\u00e9es \u00e0 l'utilisation de l'IA, les attaques sur les hyperviseurs, ces logiciels de gestion des clients des prestataires de cloud, et les attaques de la supply chain.","_seopress_robots_index":"","footnotes":""},"categories":[1,31,26],"tags":[56,54,53,41,55],"class_list":["post-15384","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-actualites","category-cybersecurite","category-use-case","tag-anssi","tag-cyber","tag-gestion-du-risque-cyber","tag-nis","tag-nis-2"],"brizy_media":[],"_links":{"self":[{"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/posts\/15384","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/comments?post=15384"}],"version-history":[{"count":3,"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/posts\/15384\/revisions"}],"predecessor-version":[{"id":15404,"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/posts\/15384\/revisions\/15404"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/media\/10243"}],"wp:attachment":[{"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/media?parent=15384"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/categories?post=15384"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poggi-avocats.com\/en\/wp-json\/wp\/v2\/tags?post=15384"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}