The latest publications in this offer are:
In 2008 Satoshi Nakamoto defined a new model of currencies. The issuance and management of such a currency take place on a peer-to-peer network without central control. Bitcoin is the first cryptographic currency created on this model. It exists since January 2009.As the 7000 other crypto-currencies of the same type created in its wake, it works through what is called a blockchain. This shared file and collectively controlled file by a peer-to-peer network can be used for many other purposes. Many applications are developed and implemented gradually, especially in the world of banking and finance.
What do we mean by information systems security, for what purposes and with what organization?This article details the key principles of information systems security, and discusses how to organize such systems, in an increasingly regulated context and in the face of ever-greater exposure to data-related risks. Governance, organizational, human and technical resources are detailed in the article, along with a number of illustrations.
We present attack mechanisms linked to social engineering, such as phishing or smishing techniques. Their prevention in the context of Information Systems (IS) cybersecurity, where human vulnerabilities account for 74% of attacks, exploiting cognitive biases and human weaknesses, based on AI tools, is strategic.Current countermeasures (training, prevention) remain limited. Dynamic and gaming approaches, reinforcing critical thinking, combined with organizational policies and integrating the human element as a key asset in a proactive security strategy, aim to anticipate future threats and yet unknown scenarios.
Often denigrated because of its complexity of implementation, we believe that it was appropriate to break down misconceptions regarding the EBIOS RM 2024 method (EBIOS RM for Expression of Needs and Identification of Security Objectives Risk Management).In this article, we will demonstrate to readers that this method is a great tool box for risk assessment. We will see that it is well-suited to the requirements of ISO 27001:2022, ISO 27005:2022 and can actively participate in building effective cyber resilience of our information assets in accordance with European directive NIS2.
Viruses and other malicious codes fall into many sub-categories, with many viral techniques, and different risks.This article presents viruses in the now more realistic general context of computer infections (malware). First, all the varieties of these programs and their functioning are explained in detail, along with their adaptation to the defenses that a user can marshal. Second, techniques to protect against malware are described. These, while generally effective, and boosted by machine learning, cannot remove all the risks, but only reduce them. It is thus essential not to rely only on installing antivirus software, however efficient. The rules of computer hygiene, which have proved very effective, must also be followed.
Embedded systems are ubiquitous in our modern societies. They are complex because they combine advanced software features, highly heterogeneous integrated hardware resources such as systems-on-chip, and more and more often communication capabilities. Their design is tightly constrained to enable optimum integration in the host system (car, plane, household appliances, etc.). This article discusses the security of embedded systems, which are vulnerable to many software, hardware, and mixed threats. The main principles of software and physical attacks are presented to help the reader understand the main protection strategies.
The purpose of this article is to clarify the NIS2 directive, the differences with the ISO/IEC 27001 standard and especially the need to implement proactive and reactive cyber resilience activities of information systems. It consists of concrete information on the benefits of this directive and how it will reduce threats induced by many vulnerabilities. This article is based on the requirements of the NIS2 directive, those of the ISO/IEC 27001 standard. It should help readers understand their many implications in the cyber security activities of our French companies and institutions.
This article deals with the notion of safety and security as understood for software in scientific and technical systems.After presenting the aspects of dependability and cybersecurity, the article is devoted to the control of functional safety and reliability of software. It presents FMEA-based safety construction methods and model-based reliability quantification methods. It also deals with the consideration of the human factor when analysing risks.The article then looks at risk reduction methods based on fault tolerance mechanisms or formal methods. It concludes by reviewing of the normative aspects and the main industrial practices in terms of functional safety.
This article deals with the notion of safety and security as understood for software.After an introduction that presents the risks involved in programmed systems, it explains the need to distinguish between the fields of information systems and scientific and technical software.The article is then devoted to the challenges and objectives of cybersecurity and presents recent feedback on the subject. It addresses risk avoidance methods based on intrusive testing, risk analysis or management of the software development process. The main risk mitigation solutions are also presented.The article concludes by reviewing the normative and certification aspects related to the security of information technology.
In order to meet the needs of the industry and consumers, the variety of connected objects never stops expanding. However cybersecurity remains a major preoccupation that limits their deployment. The multiplicity of technologies used to acquire and exchange data between the various nodes of the Internet of Things, coupled with the hardware limitations in terms of computation and user interfaces, makes it difficult to ensure end-to-end security. This article gives an overview of the risks associated to the Internet of Things through an analysis of threats, both remote and local, and it presents their countermeasures.
Access to a comprehensive database of articles
Rely on the ultimate technical and scientific knowledge database
Contents written and validated by leading experts to ensure reliability and expertise
Our experts committeeQuizzes, medias, tables, formulas, videos, practical paths, etc...
Enhanced reading experience
Reference articles available in English and French
Updates available in both languages
|
Single-user
1142 € excl. VAT
|
||
| Knowledge database | ||
| Number of licenses | Depending on company size | 1 |
| Languages | French and/or English | French and/or English |
| Access to enhanced reference articles | Unlimited | Unlimited |
| Access to archives | ||
| Publication updates and monitoring tools | ||
