Cybersecurity and Decision Makers. Marie De Fréminville
Читать онлайн книгу.196 189
197 190
198 191
199 192
200 193
201 194
202 195
203 196
204 197
205 198
206 199
Cybersecurity and Decision Makers
Data Security and Digital Trust
Marie de Fréminville
First published 2020 in Great Britain and the United States by ISTE Ltd and John Wiley & Sons, Inc.
Apart from any fair dealing for the purposes of research or private study, or criticism or review, as permitted under the Copyright, Designs and Patents Act 1988, this publication may only be reproduced, stored or transmitted, in any form or by any means, with the prior permission in writing of the publishers, or in the case of reprographic reproduction in accordance with the terms and licenses issued by the CLA. Enquiries concerning reproduction outside these terms should be sent to the publishers at the undermentioned address:
ISTE Ltd
27-37 St George’s Road
London SW19 4EU
UK
John Wiley & Sons, Inc.
111 River Street
Hoboken, NJ 07030
USA
© ISTE Ltd 2020
The rights of Marie de Fréminville to be identified as the author of this work have been asserted by her in accordance with the Copyright, Designs and Patents Act 1988.
Library of Congress Control Number: 2019956830
British Library Cataloguing-in-Publication Data
A CIP record for this book is available from the British Library
ISBN 978-1-78630-519-0
Foreword
Directors and executives are now at the heart of cybersecurity issues. This is my conviction; this is my experience gained by launching one of the first cybersecurity companies in 2005 and by meeting many executives. This is my conviction as the director of a defense company that is particularly exposed to these risks, as well as active in the development of new protection strategies.
Let us make this expertise a driving force for differentiating our companies and France as a safe place to do business. This is where this book written by Marie de Fréminville takes on its full importance.
It brings together five years of work and exchanges between experts and leaders, between the State and industrial actors who forge our conviction that the issue of cybersecurity can no longer remain confined to the circles of geeks, but that it has become a real issue of economic resilience.
The issue is obviously much broader, and corporate governance must address it in all its dimensions: economic resilience, vulnerability of extended business strategies, customer protection, human issues, infrastructure development, insurance policy, crisis management, etc.
The general management and its board of directors must not only be aware of this, but must also each act according to its own responsibility, in order to set up the necessary organizations, risk governance, as well as the company’s protection systems. It is this “call to consciences” that must resonate with the reader, who must then find appropriate solutions: this book will provide you with possible solutions and will enlighten you on the risks to be taken into account to inform your decisions.
As they say in the shift changeover: now it’s up to you to take care of it…
Hervé GUILLOU
President and Chief Executive Officer
Naval Group
Preface
The organization of round tables with HEC Gouvernance and workshops with the Swiss Women Directors’ Circle (Cercle Suisse des Administratrices) was the starting point of this book for decision makers: managers and directors of companies, public organizations, foundations or associations.
The protection of the company’s strategic data and information systems is the responsibility of the directors and executives, as well as the company’s decision makers, within the operational and functional departments, inside and outside the company.
The comments of the various speakers at these round tables have been included in this book.
In October 2016, “Understanding and preventing cyber-risks: a priority”:
– Hervé Guillou, President and Chief Executive Officer of Naval Group;
– Alain Juillet, Director of Intelligence at the DGSE, Senior Manager for Economic Intelligence at the SGDSN and President of the CDSE (Club des directeurs de sécurité et de sûreté des entreprises);
– Guillaume Poupard, Director General of ANSSI (Agence nationale de la sécurité des systèmes d’information);
– Alain Bouillé, President of CESIN (Club des experts de la sécurité de l’information et du numérique);
– Alexandre Montay, Secretary General of METI (Mouvement des entreprises de taille intermédiaire).
In June 2017, “Cyber-risk: a subject to govern”:
– Yves Bigot, General Manager of TV5 Monde;
– Brigitte Bouquot, President of AMRAE (Association pour le management des risques et des assurances de l’entreprise);
– Frédérick Douzet, Professor of Universities at the IFG (French Institute of Geopolitics) of the University of Paris 8 and Castex Chair in Cyberstrategy;
– Solange Ghernaouti, Professor of Information Security at UNIL (université de Lausanne) and Director of the Swiss Cyber Security Advisory and Research Group;
– Philippe Gaillard, Director of Technical and Cyber-risks at Axa France;
– Alain Robic, Partner Enterprise Risks and Services at Deloitte – Information Systems Security.
In December 2018, “Cybercrime and personal data protection: what good practices for the board of directors and managers?”:
– Isabelle Falque-Pierrotin, President of the CNIL (Commission nationale de l’informatique et des libertés) since 2011, elected in 2017 in Hong Kong, President of the World Conference of Data Protection and Privacy Commissioners;
– Philippe Castagnac, President of the Management Board of Mazars, an international, integrated and independent organization