northIS2, REC and DORA: these European directives and regulations, aimed at harmonizing the level of cybersecurity of companies across the continent, are highly anticipated by the digital sector and are the subject of a government bill presented on October 15. In fact, NIS2, in force since October 17, must be transposed into French law.
“These new legislations will mark a new roadmap with a concept of fines and criminal risk for managers, which will force nearly 15,000 SMEs and communities to increase their capabilities in the matter and hire personnel to do so.”explains Benoît Fuzeau, president of Clusif, an association that promotes digital security.
It is an understatement to say that companies severely lack the skills to analyze risks and respond to attacks on their information systems. “There are about 15,000 cybersecurity professionals missing, although it is a sector that today has between 30,000 and 35,000 professionals”illustrates Nolwenn le Ster, president of the cybersecurity commission at Numeum, a union of digital entrepreneurs.
Very fast diversification
These difficulties can be explained, in particular, by the very rapid diversification of professions in the sector. Most training courses struggle to keep up with business needs. “We think too much about engineering and technique, but that is not always the case. You don’t need to be an expert to manage a company’s cyber policy and ensure compliance.”describes Benoît Fuzeau.
For example, technical professions in pentestator – which consist of controlling the security of an application or system – or “ethical hacker”that create the image of the profession among the general public, only refer to “2% or 3% activity”according to Guillaume Collard, co-founder of the CSB School. Most of them are in the process of automation.
This school has specialized in governance to respond to this growing need for less “expert” profiles. As it has become difficult to prevent any attack, profiles are now needed to react once the incident occurs: “50% of our graduates have a managerial position and are close to other professionsexplains Mr. Collard. There are former lawyers who come to train and specialize in our professions. It becomes a new mandatory support function for companies, a kind of general practitioner who has an overview. »
You have 52.22% of this article left to read. The rest is reserved for subscribers.
