The Forum International de la Cybersécurité (FIC) has a growing number of visitors each year. More and more companies are present. Safety is a theme that is rooted in the DNA of EBRC (European Business Reliance Centre), so we have to be active and visible in this context. In addition to conferences, this is a great opportunity for us to approach new customers, and to meet our current customers and partners in a different context.
At the Forum International de la Cybersécurité (FIC), EBRC had the opportunity to announce its point of view for the security market, and its commitment to international development. Interview of Regis Jeandin, EBRC Head of Security Services, on the strengths of EBRC and its response to the crisis of trust in the IT sector.
Last year, you were already standing alongside your partners Guidance and Itrust. Why is the FIC a highlight for EBRC?
What are EBRC's strengths that make it attractive for the French and European market in terms of security?
- Our certifications are an undeniable differentiator and include ISO 27001 (information security management), ISO 20000 (service management) and PCI DSS (data security in the payment card industry). In the context of new regulations, and with our certifications, our strong security culture and experience rooted in Luxembourg, we have are ahead of many other players and countries.
- Luxembourg regulation as a historic asset. EBRC has enjoyed the status of PSF and other certifications for over 10 years. Our experience with the very restrictive Luxembourg financial sector has allowed us to obtain widely recognised expertise which we offer to all sectors. Our 'end to end' service offering has a proven track record. It is able to strengthen the client's confidence in our ability to support and deliver solutions compliant with the most stringent requirements.
- One-Stop-Shop. More and more companies are offering advice on different aspects of security. The problem: those who have to meet several challenges have to call upon several external suppliers! This fragmentation raises many fears. EBRC's unique integrated and certified 'One-Stop-Shop' offering allows us to control the entire value chain. Our experience in continuity management (ISO 22301) reflects our vision in this regard: what matters is the continuity of the business and its IT. Cyberspace is one risk among many others: you need a comprehensive approach!
The FIC has intensely discussed the General Data Protection Regulation (GDPR). Will you support your clients in this area?
Yes. And we have the strengths needed to do so, starting with our compliance with the Luxembourg regulatory framework. To explain what this means when talking to customers outside of the Luxembourg: it puts us in a good position to help them face new challenges such as those of the GDPR. The status of PSF is not just yet another acronym in the face of a real crisis of confidence: to the customer, it is a real guarantee for compliance. For example, all PSF are already required to report their cyber security incidents and and to carry out 'Risk Assessments'. We have a head start on the new requirements and are able to meet these challenges and thus to respond to the concerns of our customers.
Does the GDPR meet the cybersecurity challenges of the present and future in your opinion?
There are many legal differences in Europe. The GDPR is an opportunity to make the landscape smoother and fill in the many gaps that exist. By including the threat of sanctions and fines, the new directive may force leaders to pay more attention to the security of their business and the allocated budgets. C levels are now becoming aware of the need to ensure even better protection of their data... But beyond this, investing in security also has to enable businesses to safeguard their reputation, to offer guarantees of confidence and to ensure a sustainable future development...
For example, there is talk in France of extending the obligation to report incidents of Operators of Vital Importance (OIV) to equally critical infrastructures, the SEVESO sites (industrial sites with major accident hazards).
So security is no longer just a matter of infrastructure and services?
Businesses have to communicate more intensely about this essentially global problem. Security depends on hardware, software and above all... people! EBRC also supports its customers in that last aspect. For 2016, we have prepared a range of training sessions and events:
- the Cybersecurityforum.eu with our shareholder POST, on March 15, with special guest Marc Elsberg, author of the futuristic novels 'Blackout' and 'Zero'
- 'Data Analysis with Splunk', available for free on the premises of EBRC
- 'Business Continuity Management System Trainings'
- 'Training ISO 22301 BCM Foundation' on March 7 and 8
- 'Training ISO 22301 BCMS Lead Implementer' on February 22 and 26
EBRC maintains its ambition to be a leading security partner for companies in the Greater Region and to expand internationally based on its core values that have remained unchanged for 15 years: high standards, excellence, expertise and confidence.
Interview of Régis Jeandin, EBRC, published on the IT Nation Mag 2016