Cyber Trainings

Risk management, data classification, continuity, standards, major incident tracking, awareness

Management Consulting

Do you manage strategic projects? We can help you.

Coaching

Executives, decision-makers, IT directors, CISOs, project owners, project managers, staff, students

You think you have control over your information and systems, but:

10 %
of cyberattacks exploit human weaknesses, often due to insufficient awareness and training of employees
1 %
of SMEs close their doors within two years of a cyberattack mainly due to a lack of preparation and anticipation
Top 1 2025
phishing, ransomware, DDoS, network intrusions, CEO scam, malware, password attack, insider attacks, advanced persistent threats (APT)

Who are we?

It might be wise to ask ourselves who we are, in what capacity we would be qualified to support business leaders, CIOs, CISOs, prominent figures, and students in leading national or international projects, optimizing their processes, methodologies, and working methods, as well as their personal development.


We have held numerous international positions in major industrial and banking groups, in all areas of IT: from development to production, from studies to standards, from technological security to organizational security, and from project ownership to project management. Then, quite naturally, we moved from management to consulting firms, to share our knowledge.


Our expertise is first and foremost real-life experience, multilingual national and international experience recognized by a journalistic award in cybersecurity. Because our team is made up of professionals in management, cyber technologies, IT environments, but also in normative approaches, risk management, continuity, and administrative processes, we can put our experience at the service of your company, your projects, and your development.

Information & News

Progress of the transposition of the NIS 2 directive

The NIS 2 Directive was published on December 27, 2022, in the Official Journal of the European Union, and requires each Member State to transpose the various regulatory requirements into national law.

The transposition of the directive takes place in two main phases:
The preparation phase of the draft law, which was presented to the Council of Ministers on October 15, 2024, with a view to its submission to Parliament and adoption.
The production phase of the decrees and orders, which will result from the consultations, in order to submit them for interministerial validation for publication in the months following the promulgation of the law.
NIS 2 will therefore enter into force in France as soon as all the transposition texts (laws, decrees, orders) have been promulgated. It is worth noting that the entry into force date does not correspond to the application date of all the regulatory requirements that will be imposed on regulated entities.

For more information:
You can find the Draft Law on the Resilience of Critical Infrastructure and the Strengthening of Cybersecurity (PRMD2412608L) on the Légifrance website.
This draft law is subject to amendment during parliamentary proceedings.

What standard for managing your security policy?

ISO 27001

ISO 27001 specifies the requirements for establishing, implementing, maintaining, and improving an Information Security Management System (ISMS) within an organization. It provides a management framework without going into detail about the specific measures to be adopted.

Compared to ISO 27001, ISO 27002 provides detailed guidelines and best practices for implementing information security measures. It covers various aspects such as asset management, risk management, and physical and communications security.

What guidelines and best practices should be used to implement information security measures?

ISO 27002

What is ISO/IEC 27002?

ISO/IEC 27002 is an International Standard that provides guidance for organizations seeking to establish, implement, and improve a cybersecurity-focused information security management system (ISMS). While ISO/IEC 27001 outlines the requirements for an ISMS, ISO/IEC 27002 establishes best practices and control objectives related to key aspects of cybersecurity, including access control, cryptography, human resource security, and incident response. This standard provides a practical reference model for organizations seeking to effectively protect their data from cyber threats. Businesses that implement the guidelines in ISO/IEC 27002 can take a proactive approach to cybersecurity risk management and protect critical data from unauthorized access and the risk of data loss.

Why is ISO/IEC 27002 essential?

The rapidly evolving digital landscape has opened up unprecedented opportunities for businesses, but it has also introduced a myriad of vulnerabilities and threats. In this context, ISO/IEC 27002 is an essential tool that helps organizations navigate the complex web of information security challenges. It provides businesses with a proven framework of best practices to not only protect their sensitive data but also strengthen the trust of their stakeholders, customers, and partners. Implementing the controls and guidelines in ISO/IEC 27002 is based on a proactive approach to information security, helping to minimize the risks of data breaches, unauthorized access, and potential financial and reputational damage.

Link to ISO 27001:2022

       ISO 27002:2022 provides detailed guidelines for implementing the controls in Annex A of ISO 27001:2022.

       It is not certifiable but is essential for practical implementation.

Note:

       Organizations certified to ISO 27001 should refer to this version for updates.

       An application document (ISO 27002:2022/Amd 1) was published in 2023 for additional clarifications.
