Article | REF: H5350 V1

EBIOS RM – A method that meets cybersecurity requirements

Author: Dany CORGIAT

Publication date: March 10, 2025


ABSTRACT

The EBIOS RM 2024 method (EBIOS RM for Expression of Needs and Identification of Security Objectives Risk Management) is often denigrated because of its complexity of implementation. We believe it is appropriate to break down the misconceptions about it.

In this article, we will demonstrate to readers that this method is a great toolbox for risk assessment. We will see that it is well suited to the requirements of ISO 27001:2022 and ISO 27005:2022, and that it can actively contribute to building effective cyber resilience for our information assets in accordance with the European directive NIS2.


INTRODUCTION

The history of risk management goes back several millennia, with the earliest traces of the discipline dating back to antiquity. Risk assessment then evolved steadily and significantly through different eras and civilizations to become a key discipline in our cyber defense activities.

More than ever, in 2024, assessing the risks associated with information systems security has become a priority for all our country's businesses and institutions.

In this article, we don't want to go back in time to the genesis of the first risk assessments. We simply want readers to understand that anticipating the probability (likelihood) and impact (consequence) of a malicious act can change our future. We'll see that anticipatory risk assessment using a common, internationally proven method is, or should be, a priority in order to protect all our information assets. To give you the best possible understanding of the importance of risk assessment, we will focus on the ISO 27005 standard and the EBIOS Risk Manager method (EBIOS RM 2024).

We will also see that continuous improvement of our cyber-defense posture and the implementation of cybersecurity measures require precise identification of the attack paths that belligerents could take, which the EBIOS RM method makes possible.


KEYWORDS

cybersecurity   |   european directive   |   risk management   |   ISO/IEC 27001   |   EBIOS RM   |   ISO 27005


This article is included in

Security of information systems
