EBIOS RM – A method that meets cybersecurity requirements

Add to my library

H5350 V1 Article

EBIOS RM – A method that meets cybersecurity requirements

Author : Dany CORGIAT

Publication date: March 10, 2025 | Lire en français

Add to my library Add to my library

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

Overview

ABSTRACT

Often denigrated because of its complexity of implementation, we believe that it was appropriate to break down misconceptions regarding the EBIOS RM 2024 method (EBIOS RM for Expression of Needs and Identification of Security Objectives Risk Management).

In this article, we will demonstrate to readers that this method is a great tool box for risk assessment. We will see that it is well-suited to the requirements of ISO 27001:2022, ISO 27005:2022 and can actively participate in building effective cyber resilience of our information assets in accordance with European directive NIS2.

Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.

Read the article

AUTHOR

 INTRODUCTION

The history of risk management goes back several millennia, with the earliest traces of the discipline dating back to antiquity. Risk assessment then evolved steadily and significantly through different eras and civilizations to become a key discipline in our cyber defense activities.

More than ever, in 2024, assessing the risks associated with information systems security has become a priority for all our country's businesses and institutions.

In this article, we don't want to go back in time to the genesis of the first risk assessments. We simply want readers to understand that anticipating the probability (likelihood) and impact (consequence) of a malicious act can change our future. We'll see that anticipatory risk assessment using a common, internationally-proven method is, or should be, a priority in order to protect all our information assets. To give you the best possible understanding of the importance of risk assessment, we will focus on the ISO 27005 standard and the EBIOS Risk Manager method (EBIOS RM 2024).

We will also see that continuous improvement of our cyber-defense posture and the implementation of cybersecurity measures require precise identification of the attack paths that belligerents could take (which is made possible by the EBIOS RM method).

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?


KEYWORDS

cybersecurity   |   european directive   |   risk management   |   ISO/IEC 27001   |   EBIOS RM   |   ISO 27005

Ongoing reading
EBIOS RM – A method that meets cybersecurity requirements

Article included in this offer

"Security of information systems"

( 88 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Dans les ressources documentaires

Lutte contre la contrefaçon - Authentification et traçabilité

Dans le domaine de la propriété intellectuelle, est considéré comme contrefaçon tout produit copié alors ...

Sécurité de l’information, cybersécurité et protection des données de vie privée - NF EN ISO/IEC 27001 : 2023

La sécurité de l'information fait partie du périmètre de la normalisation (ISO et AFNOR). À savoir les no...

Organisation de la SSI en entreprise - Structuration et déploiement

Qu'entend-on par sécurité des systèmes d'information, dans quels buts et avec quelle organisation ? ...

NIS2 et ISO/IEC 27001 – Vers une cyberrésilience de l’Union européenne

L'objet de cet article est d’apporter des précisions sur la directive NIS2, les différences avec la norme...

Tous les livres blancs
Toutes les actualités
Contact us