Security approach

Our Systemic Approach to Cybersecurity

To help companies and public organizations to bring Cybersecurity at the right level, Sogeti has developed a systemic approach to Cybersecurity that combines Assessment services, Consulting, Architecture and Solutions Deployment, Monitoring capabilities, Analytics and Mitigation / Remediation services

Security of information systems is a cross-cutting issue in the company. Indeed, it involves the information systems department, the human re­sources department (for rights management), the finance department (for regulatory compliance issues), the security department (for industrial secu­rity and premises security), the communication department (crisis management), the legal department (partnership contracts, subcontracting and service provision where security is involved)… There­fore, it also involves general management which carries corresponding legal responsibilities. In practice, responsibility lies with the Chief Informa­tion Security Officer, who must take into account the constraints of all the above-mentioned stakeholders.

In addition, information system security is not merely a technical problem. It is a combination of technical issues (estimated 25%), organizational is­sues (estimated 50%) and legal issues (estimated 25%). To improve the security of an information system, these three dimensions must be ad­dressed, plus a fourth - the company’s business, for which this informa­tion system was created.

The protection system operates as a closed loop, which guarantees continuous improvement, as part of the Plan/Do/Check/Act approach. It means the level of maturity achieved by the com­pany in terms of security can be measured from the outset and at any time thereafter and thus provides leaders with a clear vision of the com­pany’s security and of any residual risks. It guarantees an extremely rapid, pre-prepared reaction to incidents, which may rapidly lead to adapt the organization or the technical devices installed.

Our systemic approach encompasses:

Assessment & Audit: Identification of risks and vulnerabilities and level of security maturity.

Policy & Governance: Consulting services aiming at risk analysis, security policy development, awareness, training & organization.

Architecture & Integration: Definition of target architecture and implementation of its security components.

Monitoring and Analytics: Visibility on all information systems security incidents requiring corrective actions and security maintenance; Detection of events likely to mean hostile behaviors.

Remediation & Crisis Management: End to end crisis management (typically after a massive attack or infection).


Our Cybersecurity Warriors

Sorry, this content can only be visible if Functional Cookies are accepted. Please go to the Cookie Settings and change your preferences.

todo todo
  • Vincent Laurens
    Vincent Laurens
    Vice President - Global Head of Cybersecurity - Sogeti Group
    +352 31 44 01 276