cybercrime

Category

Posts

French Press Release

Lancement de la version française de la boite à outil cybersécurité à destination des PME


LILLE, FRANCE, 28 janvier 2020  –  A l’occasion de l’édition 2020 du Forum International de la Cybersécurité (FIC), la Global Cyber Alliance (GCA), organisation internationale à but non lucratif vouée à l’éradication du cyber risque, annonce aujourd’hui un partenariat avec le dispositif national Cybermalveillance.gouv.fr, qui assure une mission de sensibilisation, de prévention et de soutien en matière de sécurité du numérique auprès de la population française. Les deux organisations collaboreront sur des initiatives visant à aider les entreprises en France à améliorer leur niveau de préparation et de réponse face aux cybermenaces. La GCA lance également la version française sa boîte à outils de cybersécurité pour les petites entreprises fournissant des outils gratuits et des conseils pratiques.

Une campagne visant à favoriser la mise en œuvre généralisée du protocole DMARC à travers la France constituera l’un des éléments clé du partenariat entre la GCA et Cybermalveillance. DMARC est une norme d’authentification des e-mails, visant à protéger les domaines de messageries d’hameçonnage (phishing en anglais), de la fraude BEC (Business Email Compromise) et des attaques de type spam. La GCA a acquis une solide expérience en matière de campagnes de sensibilisation et de soutien à la mise en œuvre de cet important protocole d’authentification des courriers électroniques. Le dispositif Cybermalveillance.gouv.fr mettra à disposition les ressources DMARC de la GCA via son portail en ligne, permettant à sa communauté de prendre des mesures contre cette menace.

« Nous  sommes particulièrement heureux que la GCA ait adapté ses supports DMARC pour nos PME françaises. Il est donc naturel pour nous de mettre à disposition de nos prestataires référencés tous les éléments leur permettant de déployer chez leurs clients cette norme essentielle dans la lutte contre la cybermalveillance. »  déclare Jérôme Notin, Directeur général du dispositif Cybermalveillance.gouv.fr.

Le partenariat visera également à aider les petites entreprises à faire face aux cyber risques par le bais de campagnes de sensibilisation et de mise à disposition de ressources. Parmi elle, la version française de la boîte à outils GCA Cybersecurity Toolkit Petites Entreprises qui offre des conseils et des outils exploitables aux petites entreprises. Représentant 99,9 % de l’ensemble des entreprises du marché français[1], plus de 40 % d’entre elles ont déjà subi une ou plusieurs cyberattaques[2]. Les attaques les plus courantes identifiées sont l’hameçonnage, l’utilisation de malwares et les rançongiciels (ransomware en anglais). La boîte à outils de la GCA contient des outils opérationnels, des documents de référence et des pas-à-pas spécifiquement concernant ces risques et aussi sur d’autres menaces courantes.

En mettant en œuvre les contrôles et les meilleures pratiques décrits dans la boîte à outils, les entreprises peuvent se protéger contre plus de 85 % des attaques courantes, réduisant ainsi considérablement le champ des risques pour elles-mêmes, leurs clients et l’ensemble de leur écosystème commercial.

Klara Jordan, Directrice exécutive de la GCA pour l’Union européenne et l’Afrique, a déclaré :
« Cybermalveillance.gouv.fr joue un rôle extrêmement important non seulement en aidant les victimes de cybercriminalité, mais aussi en fournissant des outils pratiques pour accroître la résilience de l’écosystème et nous sommes fiers de nous associer avec elle. Il s’agit d’une occasion formidable de renforcer encore plus nos relations avec la France et  de nous appuyer sur nos engagements existants pour rendre opérationnel le principe de cyber hygiène énoncé à l’occasion de l’Appel de Paris pour la confiance et la sécurité dans le cyberespace de 2018. L’une de nos philosophies directrices est d’unir les communautés et cette collaboration nous permet d’étendre les ressources de cybersécurité tout en développant de nouvelles initiatives pour soutenir nos objectifs mutuels de sécurisation du cyberespace ».

###

À propos de la Global Cyber Alliance

La Global Cyber Alliance (GCA) est une organisation internationale et intersectorielle dédiée but non lucratif qui se consacre à la lutte contre les cyber-risques et à l’amélioration de notre monde connecté. Nous accomplissons notre mission en unissant les communautés mondiales, en mettant en œuvre des solutions concrètes et en mesurant l’efficacité. Pour en savoir plus : www.globalcyberalliance.org. 

À propos de Cybermalveillance.gouv.fr

Cybermalveillance.gouv.fr est le dispositif gouvernemental d’assistance aux victimes d’actes de cybermalveillance, de sensibilisation aux risques numériques et aux bonnes pratiques associées, et d’observation de la menace sur le territoire français. Ses publics sont les particuliers, les entreprises (TPE/PME) et les collectivités territoriales.

Piloté par le Groupement d’intérêt public (GIP) ACYMA, il est composé début 2020 de 44 membres issus du secteur public, du privé et du domaine associatif, qui contribuent chacun à la mission d’intérêt général. Cybermalveillance.gouv.fr référence sur sa plateforme des professionnels en sécurité numérique, répartis sur tout le territoire français, pour venir en aide aux victimes.

En 2019, Cybermalveillance.gouv.fr a assisté plus de 90600 victimes, contre 28855 en 2018. Plus d’informations sur www.cybermalveillance.gouv.fr et sur ses réseaux sociaux Twitter et LinkedIn.

[1]         https://www.economie.gouv.fr/cedef/chiffres-cles-des-pme
[2]         https://www.francenum.gouv.fr/comprendre-le-numerique/cybersecurite-et-pme-en-2019-16-chiffres-cles-sur-la-securite-numerique-des
GCA Press Release

Launches Public French Version of GCA Cybersecurity Toolkit for Small Business


LILLE, FRANCE, Jan. 28,, 2020The Global Cyber Alliance (GCA), an international nonprofit dedicated to eradicating cyber risk, today announced a partnership with Cybermalveillance.gouv.fr, a public service focused on cybercrime awareness, prevention, and response for the French population. The two organizations will explore initiatives to help entities in France improve their level of preparedness and response against cyber threats. GCA is also launching the French version of its Cybersecurity Toolkit for Small Business, an online resource providing free tools and practical guidance to this critical sector. The announcement was made at the FIC 2020 International Cybersecurity Forum, one of the leading European conferences on cybersecurity.

A key element of the partnership between GCA and Cybermalveillance.gouv.fr will be a campaign to foster the widespread implementation of DMARC, an email authentication standard, across France as a basic protection against phishing, business email compromise (BEC), and spam attacks. In fact, phishing is a significant threat in France, and DMARC stops most email impersonation. GCA has an established track record with awareness campaigns and supporting the implementation of this important email authentication protocol. Cybermalveillance.gouv.fr will make GCA’s DMARC resources available through its online portal, empowering the community to take action against this threat.

“We are particularly happy that GCA is adapting their DMARC support resources for our small businesses in France. It is a natural step for us to let our indexed providers have access to all these resources, which will help them deploy this essential standard in the fight against cybercrime at their customers’ systems,” declared Jérôme Notin, General Director of Cybermalveillance.gouv.fr.

The partnership will also focus on helping small businesses address cyber risk through awareness campaigns and resources, including the GCA Cybersecurity Toolkit for Small Business. The French-translated version of the toolkit offers actionable guidance and tools to one of the largest economic segments of France. Small businesses represent 99.9% of all businesses in the French market.[1] And more than 40% of all French small businesses have already suffered one or more cyberattacks.[2] The most common attacks identified are phishing, malware, and ransomware. The toolkit includes operational tools, policies, and how-to materials that specifically address not only these risks but other common threats.

By implementing the controls and best practices outlined in the toolkit, businesses can protect against more than 85% of common attacks, thus significantly reducing the risk landscape for themselves, their clients, and the entire commercial ecosystem.

Klara Jordan, GCA Executive Director for the European Union and Africa, said: “Cybermalveillance.gouv.fr performs a tremendously important role in not only assisting the victims of cybercrime but in providing practical tools to increase the resilience of the ecosystem, and we are proud to partner with them. This represents a remarkable opportunity to further strengthen our relationship with France and build on our existing commitments to operationalize the cyber hygiene principles outlined in the 2018 Paris Call for Trust and Security in Cyberspace. One of our guiding philosophies is to unite communities, and this collaboration enables us to bring cybersecurity resources to scale while developing new initiatives in support of our mutual goals for securing cyberspace.”

###

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect. Learn more at www.globalcyberalliance.org.

About Cybermalveillance.gouv.fr

Cybermalveillance.gouv.fr is the French public service in charge of bringing support to the victims of cybercrime, raising awareness about cyber risks and the best practices to prevent them, and monitoring cyberthreats across the country. Its target groups are common citizens, businesses (micro and small) as well as local authorities.

[1] https://www.economie.gouv.fr/cedef/chiffres-cles-des-pme
[2] https://www.francenum.gouv.fr/comprendre-le-numerique/cybersecurite-et-pme-en-2019-16-chiffres-cles-sur-la-securite-numerique-des
GCA Press Release

More than $10 Billion in Data Breach Losses Over Past Five Years from the Studied Incidents Might Have Been Prevented, and $150 To $200 Billion in Global Losses from Cybercrime


NEW YORK, June 12, 2019 — New research from the Global Cyber Alliance (GCA) has found that Domain Name System (DNS) firewalls, also known as protective DNS, which are freely available and easy to install, could prevent 33% of cybersecurity data breaches from occurring.

Through a simple tweak, DNS firewalls leverage threat intelligence from cybersecurity companies and/or public sources to automatically prevent users from visiting known malicious sites. Most often consumers visit a malicious site when they click on a malicious link or mistype a legitimate web address.  Malicious software on a computer or phone can also cause a visit to a malicious site.

According to Verizon’s long-running and industry-leading Data Breach Investigations Report, there were more than 11,000 confirmed data breaches collected and analyzed over the past five years. Independent researchers Shostack & Associates and Cyentia Institute working with GCA were able to determine that 3,668 of those breaches would have been potentially thwarted if users had a DNS firewall deployed.

“The constant stream of breaches has unfortunately caused many small businesses and consumers to simply accept cyber-attacks – that no matter what they do they cannot protect themselves,” said Philip Reitinger, President and CEO of the Global Cyber Alliance. “However, there are many easy-to-implement steps that can prevent businesses and consumers from being another notch in the belt of a hacker. Our research shows that protective DNS services are among the most valuable.”

According to the study, DNS firewalls might have prevented $10 billion in data breach losses over from the 11,000 incidents in the past five years. And the actual figure may be more – the researchers were unable to measure every case where a DNS firewall could have protected the victim, and their estimate of the financial impact is probably biased low.

Finally, as DNS firewalls might affect one-third of cyber incidents, and with current estimates of the scope of cybercrime, DNS firewalls might play a role in stopping $150 to $200 billion in losses every year.

DNS is the “phone directory” of the Internet as it translates human readable names like globalcyberalliance.org into computer addresses – a string of numbers otherwise known as an IP address. In order to access websites on the Internet, your computer must leverage a DNS service that is usually configured by your Internet Service Provider or your network administrator.

“I’ve always been a big fan of DNS-based controls, and I’m glad to see GCA doing something like this. There are relatively few security measures that address so many threats for so little cost and effort. I’ve configured all my home devices to use Quad9, and I suggest you give it a look as well,” Wade Baker, Ph.D., Partner, Cyentia Institute.

The Global Cyber Alliance, in collaboration with IBM and the Packet Clearing House, developed and launched Quad9, a free DNS security service that blocks known malicious domains, preventing computers and Internet of Things devices from connecting to malware or phishing sites.

A fully detailed report that highlights the GCA methodology and research findings can be found in the following report:  The Economic Value of DNS Security.

###

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org.

 

 

Stifel headshot

Stifel headshotThis week GCA adds another cybersecurity notable to its roster – Megan Stifel. Megan will serve as Senior Policy Counsel, where she will advise on cybersecurity policy issues, work with GCA’s US-based partners, and help drive deployment of GCA solutions.

Megan comes to GCA from Public Knowledge where she served as the Cybersecurity Policy Director and ran a cybersecurity operations and policy consulting firm, Silicon Harbor Consultants. Megan, an attorney, has deep roots in cybersecurity. She served as Senior Policy Advisor with Technology for Global Security, is a Senior Fellow in the Atlantic Council’s Cyber Statecraft Initiative and a Visiting Fellow at George Mason University’s National Security Institute. Her background includes time in government as Director for International Cyber Policy at the National Security Council, Director for Cyber Policy in the National Security Division, and as counsel in the Criminal Division’s Computer Crime and Intellectual Property Section at the US Department of Justice.

“I am very pleased to announce that Megan Stifel is joining GCA as it’s Senior Policy Counsel,” said Philip Reitinger, President and CEO of the Global Cyber Alliance.  Megan’s experience at the US Department of Justice and on the National Security Council, addressing international cybersecurity policy issues and helping stem cybercrime, will add new muscle to GCA’s efforts to mitigate global cyber risk.  Like GCA, Megan is a ‘doer,’ and that’s what we value most.”

“I’m honored and excited to join the GCA team at a critical time in international engagement on cyber issues,” said Megan. “I look forward to bringing my experience to support and expand GCA’s practical and effective approach of Do Something. Measure It. to reduce cyber risk and evolve a more sustainable Internet ecosystem.”

Megan also has experience in private practice, and prior to law school she worked for the US House of Representatives, Permanent Select Committee on Intelligence.