Loading…
Loading…
Cyber revue · Governance & the human factor
25 analyses on this topic, from the most recent to the oldest.
CybersecurityI can't listen to CISO podcasts anymoreYesterday I started one, I cut it off after eight minutes. I already knew everything. And the worst part is that I know exactly why it's like this, because I'm often on the other side of the mic, being a CISO myself.
CybersecurityMicrosoft held two opposite positions in a single week. That is the flaw.While the industry re-litigates responsible disclosure, a flaw that bypasses BitLocker is still sitting unpatched. And Microsoft, which wrote the rules of the game, just proved it only follows them when the mood takes it.
Artificial IntelligenceVibe coding must not become the Wild WestVibe coding is brilliant, but most developers overlook two things that, without their knowing it, sink projects: compliance and security. How to ship AI-based applications that actually hold up.
CybersecurityMythos is no surprise. Here is what I was saying nine months ago.99% of the vulnerabilities Mythos found are still open. The patching debt does not date from April 2026, it just stopped being invisible.
CybersecurityCISA, the GitHub leak: when the watchdog leaves the keys in the doorCISA, the US cyber agency, exposed its own AWS GovCloud credentials on public GitHub for 6 months. Anatomy of a leak in 7 failures.
CybersecurityCNIL 2025 Report, reading a regulator in transitionData processors, AI, cross-regulation, misleading record figures: what the CNIL's 2025 annual report really says about regulation in 2026.
CybersecurityThe most cautious company in AI does not secure its own shared Claude chats.Anthropic denies public access to Mythos because it is too dangerous. Meanwhile, its own claude.ai domain serves as a phishing page through shared chats. The AI industry invests in spectacular risk and neglects the mundane risk.
CybersecurityThe ANTS hack: the 2007 flaw, the 2026 cheque, and the gap no figure can closeLecornu calls the ANTS breach the "heist of the century." It is a student homework-assignment heist. A 2007 flaw. With 200 million euros of announcement effect on top.
CybersecurityMythos changes nothing. And that is exactly the problem.Mythos finds thousands of flaws in code that has been shipping for twenty years. The real scandal is not the AI. It is that it takes a $20,000 AI to uncover what basic engineering practices should have prevented.
CybersecurityWhat nobody tells you when a hospital gets attacked.A French hospital takes two years to recover from a ransomware attack. 1,000 workstations, 200 applications, patient records lost forever. I lived through a ransomware attack in 2018. What makes me angry is not the attack.
CybersecurityAI and chatbots tell you you're right. That's the worst service they can do you.Chatbots are built to tell you you're right. Researchers at MIT have shown that even a perfectly rational reasoner falls into the trap. When your job is to spot what's wrong, that's a problem.
CybersecurityYou have 29 minutes. You are already losing 20 of them. And Mythos is not the problemYou are a CISO. It is 9:14 on a Tuesday morning. Your SIEM has just flagged a lateral movement alert. Twenty minutes later, you launch your first containment action. The attacker, meanwhile, needed only 29 minutes to move across your network.
CybersecurityThe French state's cybersecurity roadmap: the document that says everything without meaning toAn official document lands on your desk. It comes from the Prime Minister. It is called "Roadmap of priority efforts for the state's digital security 2026-2027". You open it.
CybersecurityDelve: when compliance "in a few clicks" turns out to be hot airA 300-million-dollar startup accused of fabricating compliance certifications. Hundreds of companies potentially exposed. And a lesson the cybersecurity world stubbornly refuses to learn.
PoliticsAmazon and agentic AI: when the code slips out of human handsWhat has been unfolding at Amazon for the past few weeks goes far beyond a technical anecdote. It is a real-time case study of what happens when an organization pushes agentic AI into its critical systems without having built the guardrails that should come with it…
CybersecurityNIS2 in 2026: France falls behindFebruary 2026. NIS2 is supposed to have been fully operational for more than a year across Europe. Yet in France, we are still waiting for the final parliamentary debates, with adoption hoped for in the first quarter and a roadmap of…
CybersecurityWhen the internet coughs, everyone catches a cold: why the Cloudflare outage concerns us allOn 18 November 2025, millions of users watched their digital services slow down, crash, or become unreachable. X, ChatGPT, Instagram, Canva, many banking and e-commerce services... all hit. The cause?
CybersecurityThey refuse to pay a ransom... and fund cybersecurityCybersecurity: your company is paralyzed by a cyberattack. Stolen data, locked systems, a ransom demanded. Panic, stress, media pressure. A
CybersecurityOpen letter to Emmanuel Macron. Cybersecurity is not a technical subject. It is a duty of the State.Mr President Macron. I am not writing to plead a cause. I am writing because it is time to stop pretending.
PoliticsUSB stick and state silence: digital complacency has struck againSalah Abdeslam, convicted for the November 13 attacks, was taken into police custody for illegally possessing... a USB stick in prison.
EconomyAI in tourism: connected to everything... except the reality of the risks?For a few months now, we have been watching a rush toward generative AI in tourism. ChatGPT in customer service.
CybersecurityTraining executives in cybersecurity? Fine. But not like this.Today, some top business schools pride themselves on adding a cybersecurity module to their management programmes. EM Lyon, HEC, ESCP: they have all understood that digital security is now a strategic subject. Good.
CybersecurityThe AWS incident: it was not an outage, it was a reality checkVenmo, Fortnite, Snapchat, Zoom, Coinbase... everything started to crash. Not because of ransomware, a large-scale attack or a geopolitical conflict.
LeadershipLeadership and chaos: 5 mistakes we always see in a cyber crisisThere are moments when everything speeds up. An alert goes off. A service collapses. Nothing responds anymore. And then everyone turns to "management".
CybersecurityDigital sovereignty: at the Senate, they hold hearings. But when do they act?The Senate did what it knows how to do: hold a series of hearings on digital sovereignty. Experts, industry players, representatives of the State.
Don't miss the next analysis