WAB SUITE, A FIRST LINE OF DEFENSE TO PROTECT OPERATORS OF VITAL IMPORTANCE (OVI)

WALLIX GROUP, a software company providing cyber security and governance solutions for information systems access, has welcomed the entry into force of new regulations regarding the protection of Operators of Vital Importance (OVI) against cyber attacks. These new legal provisions open up major markets for WALLIX GROUP.

Operators of Vital Importance, around 250 corporations in France to protect

Operators of Vital Importance are defined as public or private sector operators with information systems where violations of security or functioning could substantially diminish the Nation's war or economic potential, security or survival capacity[1]. Today, some 250 state-owned corporations, government departments and major private operators in France are affected.

9 decrees already published for priority sectors

France's National Cybersecurity Agency (ANSSI) has currently published 9 sector-related decrees in the country's Official Journal which define the rules governing the security of OVI information systems. These sectors include:

• Health products

• Water management


• Food


• The provision of natural gas


• The provision of petroleum hydrocarbons


• The provision of electricity


• Maritime and inland waterway transport


• Land transport


• Air transport

Once these sector decrees enter into force from 1 October 2016, OVIs will be obliged to protect themselves against any breaches of their information systems. Accordingly, entities will be required to:

• declare any security incidents to the ANSSI;


• declare all of their Vitally Important Information Systems (VIIS) to the ANSSI;


• provide the contact details of their Fire Safety Systems (SSI) emergency services to the ANSSI;


• comply with the 20 safety regulations linked to: governance, risk and information systems management, systems protection and crisis management in the event of any major information systems attacks.

In concrete terms, OVIs will notably be required to install software or hardware accredited and recommended by the ANSSI used to permanently detect any hacking or external intrusions. They will also be required to implement the appropriate defense systems needed to anticipate and protect all extremely sensitive information against destructive cyber attacks. All offenders face a fine of up to 150,000 euros and a one-year prison sentence in the event of a "default" that compromises sensitive infrastructures.

WAB Suite, an all-in-one accredited solution

Given that this is an issue that dates back to 2013, WALLIX was quick to obtain first-level security certification (CSPN) from the ANSSI for its WALLIX AdminBastion (WAB) Suite offer. WAB Suite is an all-in-one privileged account management solution used to secure and monitor super user access and sessions. Equipped with a password safe with complex, secret and modifiable authentication features, it is able to trace all privileged account activity using real-time monitoring and recording functions.

Combined with sophisticated audit trails, this traceability optimizes response times for security officers in the event of an incident and conforms to the compliance rules dictated by the ANSSI. Rather than react to an attack, the goal is to anticipate any breaches by building adequate defense systems to protect the most sensitive information of these OVIs and avoid destructive cyber attacks.

Operating environments, WAB Suite features and functions and the sensitive data to be protected are all subjected to threat and attack scenarios in order to offer clients and partners the trustworthy solutions that are fundamental for any critical and vital organization.

Today, a host of companies have already chosen WAB to protect the passwords and privileged accounts that provide access to their sensitive data and infrastructures, or to monitor the activity of their internal and external service providers, in particular in strategic sectors such as defense, telecommunications, energy, health or financial services.

Cyber security in Europe, a Directive that will apply from 2018

A pioneer in the field, France was one of the first European Union countries to transpose the NIS Directive (Network and Information Security) adopted by the European Parliament and European Union Council which all member states will be required to implement from May 2018 at the latest.

At the same time, the approval by the European Council of its draft General Data Protection Regulation has also opened the way for its final adoption by the European Parliament. The aims of the new regulation are to:

• strengthen the level of protection for individuals whose personal data is processed, and


• increase trade and commercial opportunities in the digital single market.

The reform provides for a series of measures that will apply across the entire European Union and to all European and non-European companies that offer online services. All operators that fail to comply with this regulation can face penalties of up to €20 million or 4% of their global yearly turnover.



 

Next publication: H1 results on 27 October 2016 after the close of trading.



 

 

 

 

ACTUS finance & communication

Jérôme FABREGUETTES-LEIB – Investors Relations

+33 (0)1 53 67 36 78 / [email protected]
 

 

 

ACTUS finance & communication

Nicolas BOUCHEZ – Finance Media Relations

+33 (0)1 53 67 36 74 / [email protected]

 

Agence MyNtic-PR

Franck TUPINIER – Corporate Media Relations

+33 (0)6 74 68 37 93 / [email protected]

Source: Actusnews