Our Systemic Approach to Cybersecurity

To help companies and public organizations to bring Cybersecurity at the right level, Sogeti has developed a systemic approach to Cybersecurity that combines Assessment services, Consulting, Architecture and Solutions Deployment, Monitoring capabilities, Analytics and Mitigation / Remediation services.

Security of information systems is a cross-cutting issue in the company. Indeed, it involves the information systems department, the human re­sources department (for rights management), the finance department (for regulatory compliance issues), the security department (for industrial secu­rity and premises security), the communication department (crisis management), the legal department (partnership contracts, subcontracting and service provision where security is involved)… There­fore, it also involves general management which carries corresponding legal responsibilities. In practice, responsibility lies with the Chief Informa­tion Security Officer, who must take into account the constraints of all the above-mentioned stakeholders.

In addition, information system security is not merely a technical problem. It is a combination of technical issues (estimated 25%), organizational is­sues (estimated 50%) and legal issues (estimated 25%). To improve the security of an information system, these three dimensions must be ad­dressed, plus a fourth - the company’s business, for which this informa­tion system was created.

The protection system operates as a closed loop, which guarantees continuous improvement, as part of the Plan/Do/Check/Act approach. It means the level of maturity achieved by the com­pany in terms of security can be measured from the outset and at any time thereafter and thus provides leaders with a clear vision of the com­pany’s security and of any residual risks. It guarantees an extremely rapid, pre-prepared reaction to incidents, which may rapidly lead to adapt the organization or the technical devices installed.

Our systemic approach encompasses:

Assessment & Audit: Identification of risks and vulnerabilities and level of security maturity.

Policy & Governance: Consulting services aiming at risk analysis, security policy development, awareness, training & organization.

Architecture & Integration: Definition of target architecture and implementation of its security components.

Monitoring and Analytics: Visibility on all information systems security incidents requiring corrective actions and security maintenance; Detection of events likely to mean hostile behaviors.

Remediation & Crisis Management: End to end crisis management (typically after a massive attack or infection).


Our Cybersecurity Warriors

todo todo
  • Franck Greverie
    Franck Greverie
    Global Head of Cybersecurity
    +33 1 58 44 58 15
  • Frédéric Beaufils
    Frédéric Beaufils
    Group Chief Strategy & Transformation Officer at Sogeti
    +33 6 07 43 23 81