Cybersecurity in SMEs in 2023: a business differentiator?

With Timothée Jaumel, Head of IT, Rzilient

A look back at our recent webinar on cybersecurity for SMEs! I was delighted to welcome our partner, Qontrol, represented by its CEO, Michael Monerau. 👍

In this article, I offer you a summary of our exchange. It's useful and interesting, of course. But it will never be worth listening to the webinar replay! So don't hesitate:

Cybersecurity: a support function like any other

Michael began by sharing the aim of Qontrol's Saas platform: to enable customers to manage their cybersecurity like any other corporate support function.

The aim is for customers to feel at ease in managing this subject, and for it to become as commonplace as managing payroll, accounting or premises!

This is vital at a time whensolid cybersecurity has become a major factor in discussions between economic partners. ☑️

A good cybersecurity policy on the Qontrol platform consists of organizing :

• technical and infrastructure aspects;
• the tools;
• and also organizational aspects (employee training).

The aim is to avoid known cybersecurity problems:

• loss of sensitive data;
• breaches of confidentiality ;
• maintaining a good reputation;
• computer system paralysis;
• compliance with legal obligations.

‍

Cybersecurity: from risk management to competitive advantage management!

Michael believes the market is ripe to move from everyday, mainly defensive cybersecurity to a business opportunity. 📈

It's a question of moving on from the "simple" avoidance of incidents and attacks to enhancing the trust that companies can build with their partners thanks to effective cybersecurity.

The market is currently undergoing a major transformation. Cyber' is becoming a real economic imperative.

This is particularly true of regulated markets such as :

• financial services;
• HEALTH;
• and, more generally, all activities dealing with personal and/or high value-added data. In other words, a wide range of business sectors!

Cybersecurity: operational aspects

The webinar was also an opportunity to discuss the strategic and operational vision of cybersecurity in greater detail.

For Michael, the first step is to draw up an action plan to reach the level required by customers, which can take several months.

We had the opportunity to detail the operational aspects of cybersecurity, and share a series of concrete anecdotes of cybersecurity-related situations experienced by its customers.

Michael also emphasizes the importance of proof. 🔎

Knowing the source of a security breach is increasingly important for legal reasons and to protect a company's reputation.

‍

So how do you implement a good cybersecurity policy?

With 3 main focuses: anticipate, simplify and automate.

We also need to ensure that processes for access to software and IT systems are in place.

We also talk to Michael :

• the disaster recovery plan ;
• incident management ;
• as well as the communication plan.

We also address the central issue of information systems security policy, which details all the tools, processes, culture and training aspects surrounding cyber.

Michael also announces that Qontrol recently raised 1.5 million euros to accelerate its development. The aim is to support start-ups and SMEs in building their cybersecurity policy. Well done to the team! 🎉

‍

Raising funds: cybersecurity as a negotiating tool!

This exciting news about Qontrol was an opportunity to discuss the fact that investment funds now almost systematically take cybersecurity into account in their due diligence before investing in a start-up!

Indeed, in addition to the social aspects, and of course the financial ones, the subject of cybersecurity is becoming increasingly important. It's all about being able to prove your resilience on the subject. 🦾

In fact, you can accumulate a safety debt in the same way that you accumulate a technical debt!

So, to reassure investors, we can think of certifications and compliance with standards such as ISO 27001.

Michael reminds me of the particularity of Qontrol's platform, which is to provide a very rapid picture of its customers' cybersecurity debt. Thanks to this, in 2 to 3 weeks (depending on the mobilization of the customer's team), Qontrol is able to stabilize a debt.

Proof of the importance the subject is gaining in the highest spheres, Qontrol is also in discussion with the French government and theANSSI to establish a new "grammar" for cybersecurity. This work will enable players to exchange ideas and provide useful benchmarks for the market.

I hope I've inspired you to watch our webinar. And I'd like to take this opportunity to thank Michael, CEO of Qontrol, for his kind participation. ❤️

‍