To help companies and public organizations to bring Cybersecurity at the right level, Sogeti has developed a systemic approach to Cybersecurity that combines Assessment services, Consulting, Architecture and Solutions Deployment, Monitoring capabilities, Analytics and Mitigation / Remediation services.
Security of information systems is a cross-cutting issue in the company. Indeed, it involves the information systems department, the human resources department (for rights management), the finance department (for regulatory compliance issues), the security department (for industrial security and premises security), the communication department (crisis management), the legal department (partnership contracts, subcontracting and service provision where security is involved)… Therefore, it also involves general management which carries corresponding legal responsibilities. In practice, responsibility lies with the Chief Information Security Officer, who must take into account the constraints of all the above-mentioned stakeholders.
In addition, information system security is not merely a technical problem. It is a combination of technical issues (estimated 25%), organizational issues (estimated 50%) and legal issues (estimated 25%). To improve the security of an information system, these three dimensions must be addressed, plus a fourth - the company’s business, for which this information system was created.
The protection system operates as a closed loop, which guarantees continuous improvement, as part of the Plan/Do/Check/Act approach. It means the level of maturity achieved by the company in terms of security can be measured from the outset and at any time thereafter and thus provides leaders with a clear vision of the company’s security and of any residual risks. It guarantees an extremely rapid, pre-prepared reaction to incidents, which may rapidly lead to adapt the organization or the technical devices installed.
Our systemic approach encompasses:
Assessment & Audit: Identification of risks and vulnerabilities and level of security maturity.
Policy & Governance: Consulting services aiming at risk analysis, security policy development, awareness, training & organization.
Architecture & Integration: Definition of target architecture and implementation of its security components.
Monitoring and Analytics: Visibility on all information systems security incidents requiring corrective actions and security maintenance; Detection of events likely to mean hostile behaviors.
Remediation & Crisis Management: End to end crisis management (typically after a massive attack or infection).
Franck started his career in various operational roles at Alcatel and Sema Group (today Atos Origin). From 2004 to 2008, he was Vice-President (VP) of strategy, business development and marketing for Thales’ security activities, and VP of Thales Shield, which specializes in securing airports, transportation, oil and gas, and cities. Franck was then appointed Managing Director of the Information Systems Security and Cybersecurity activities for Thales Group (France, UK, Germany, Norway, USA, Asia). In 2012, Franck joined Bull as Executive VP of the Security Division, which includes cybersecurity and intelligence activities across the group. He was also in charge of the Middle East, Africa and Asia activities for Bull Group. In 2014, he was appointed Executive VP of the Infrastructure Division. Aged 45, Franck is a graduate of ESME, engineering school, and of the Executive MBA of ESSEC, Business School. From October 1, 2014 Franck Greverie was appointed as the Global Head of Cybersecurity and Corporate Vice President for the Capgemini Group, also leading Sogeti’s Cybersecurity practice.