What kind of expert evaluation of cyber security do experts give? The association, which brings together higher education institutions and digital companies, has done a great job of developing the skills of Bac + 5 specialists in the digital sector. The E-Skills Commission is committed to preparing the future of companies and educational institutions so that the sector can respond to changing skills as new technologies emerge and deploy. As part of this note, we would like to especially thank the National Agency for Security Information Systems (ANSSI) for participating in our exchanges and fueling the discussion.
The digital revolution we are experiencing goes far beyond a purely technological framework. This upsets the economic balance and transforms uses at a speed that has never been achieved before. This affects digital business customers in their business, value chains and organizations as well as the people in their daily lives and society as a whole, its rules and balance. This leads to the fact that users – individual or collective, public or private – are exposed to potential risks associated with the intensive use of data and the virtualization of exchanges and processes that increase the need for cybersecurity. As digital transformation operators, digital professionals face new responsibilities and requirements in the face of digital risks (cyber attacks, misuse of data, etc.).
They must ensure compliance with the legislative and regulatory framework of the systems and tools that they design and use. They must ensure that these devices are deployed in reliable environments, with partners and systems that respect the ethical and security framework. They must support the goals of cybersecurity: confidentiality, integrity, accessibility, traceability, rejection and compliance.
Many examples of data leakage in recent years have shown limitations in computer security. Remember that in France 21 security incidents are detected every day, and that 75% of faults are of human origin. The company in its global study in 2017 estimated the financial losses of French companies due to cybersecurity problems by an average of 2.25 million euros, which is 50% more than the previous year. , The need for further research in this area, the diffusion of various available technologies, the evangelization and training of users and citizens are of paramount importance.
This is also a key issue of cyber security expertise. Cybersecurity concerns everyone, and the entire population must master the basics in this area. Computer attacks can also harm factories or enterprises, sometimes in critical areas such as energy, health. In addition, the needs of our economy for cybersecurity professionals are huge. Cybersecurity is an integral part of all areas of IT and digital projects. Recruitment is perceived as a serious problem for companies in this sector, which are expected to bring in France in 2018, according to forecasts, a turnover of 2.5 billion euros, which is 17% more. In a study conducted by OPIIEC in 2017, cybersecurity represented 24,000 jobs in the engineering, digital, research, consulting, and trading fields. Industry enterprises were expecting a 6% increase in cybersecurity workforce, or 1,400 net jobs.
Cybersecurity is an interdisciplinary topic, which should be an integral part of any digital project and, therefore, any process of digital transformation, with its concept. In addition, cybersecurity is a process that occurs throughout the entire life cycle of a product or service to identify technical and organizational risks, determine methods and processes of protection, and identify detection measures. and a response to cyberattacks and a return to normal operation. The security of a digital service is understood as a chain that should encompass a comprehensive service, taking into account all its components — the network, access controls, applications, etc., and ensure the management of the whole. At each level, there are standards for developing an implementation of the cybersecurity approach.
There is a great disparity in preparedness for attacks: in general, American, German, and Belgian companies are better prepared, and four out of five French companies (81%) get a “newbie” level. The Netherlands and France are the countries that are least likely to receive an “expert” level (9%).