Dots
Dots
Join the hub
/ news / THE_ONLY_SENSIBLE_APPROACH_TO_CYBERSECURITY

The only sensible approach to cybersecurity

Published on February 5, 2025

Since I started working in that field in 1999, cybersecurity has gone from being very low on the CIO agenda to consistently making it to the top positions on the CEO list of dreaded risks. While this has proven an arduous journey paved with lots of corporate casualties along the way, it is quite a satisfaction, particularly for those who have made it their occupational raison d’être to warn about the dangers of overlooking its necessity. But if it is now clearly out of infancy, I believe cybersecurity is somewhat still in its teens…

On the defender side, just to name a few hiccups, OT is still largely not properly secured, the cybersecurity skill and education gap is far from being bridged, and we are yet to see the power of AI fully unleashed. On the attacker side, phishing schemes that have become increasingly sophisticated, the opportunistic rise of home-working and mobility still not properly kept in check, and the greater and greater specialization of criminal groups who provide attack-as-a-service, all this makes me think that we haven’t yet seen what a massive, full-scale attack can do on a globalized economy.

Investing for cybersecurity is a tough call for decision-makers today as they are torn between the pleas of their own technical specialists, the apathy of businesses who resent controls that they perceive as business hinderance, and the pressing voices of external experts who advocate in their best interest.

 Experience has convinced me that it is a mistake to oppose the various pillars of cybersecurity: without sound detection and response capabilities, what good is an operating governance framework?

 Without the results of good third-party risk management, what base is there to make a sound investment decision about the deployment of, say, a CIAM solution? 

To me, a comprehensive approach to cybersecurity is clearly the only reasonable one.

Matthieu BENNASAR

The capacity to offer such a holistic stance on cybersecurity is becoming the main differentiator for cybersecurity providers.

Thus, be careful who you entrust your cybersecurity with: be sure to select companies with strong track record in 360° expertise, for fear of receiving misguided, partial and biased advice.”

Our related offers

SOC / MSSP

    Learn more

    Tailor-made services

      Learn more

      GRC center

        Learn more

        Discover our offers

        View all offers

        You can also read

        All the latest news

        Your cyber
        performance
        partner

        NEVERHACK is a cybersecurity group offering a full range of consulting, training, quotation, and artificial intelligence products. The mission of NEVERHACK is to create a safer digital world by providing innovative and ethical solutions. NEVERHACK encourages companies to hold the keys to the success of their projects.

        PressNAS24 France
        WhistleblowerLegal NoticeGeneral Terms
        PressR&D

        NEVERHACK is a cybersecurity group offering a full range of consulting, training, quotation, and artificial intelligence products. The mission of NEVERHACK is to create a safer digital world by providing innovative and ethical solutions. NEVERHACK encourages companies to hold the keys to the success of their projects.

        WhistleblowerLegal NoticeGeneral Terms

        NEVERHACK ©2025 All rights reserved

        Tailor-made by Makepill & 60fps