Cyber Security: The Lost Decade – 2020 Edition


October 2020 / Author: JC Gaillard
The Security Transformation Research Foundation

Why large organizations still struggle with decade-old security problems – and how to fix them

A selection of key cyber security articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2019 version.

74 easy to read, bitesize articles grouped by themes, covering all key managerial aspects around information security, from the reporting line of the CISO to the role of the Board, and how to make it work in real life, including a full new section on the COVID pandemic and its implications.

They offer a truly alternative view on how to organise and manage cyber security in large firms, inspired by the direct field experience of their author JC Gaillard, former CISO and leading consultant and expert on the topic.


Cyber Security: The Lost Decade – 2019 Edition


October 2019 / Author: JC Gaillard
The Security Transformation Research Foundation

Why large organizations still struggle with decade-old security problems – and how to fix them

A selection of key cyber security articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2018 version.

63 easy to read, bitesize articles which cover all key managerial aspects around information security, from the reporting line of the CISO to the role of the Board, and how to make it work in real life. They offer a truly alternative view on how to organise and manage cyber security in large firms, inspired by the direct field experience of their author JC Gaillard, former CISO and leading consultant and expert on the topic.


Evolution And The Chief Information Security Officer


August 2019 / Author: JC Gaillard
Disruption Hub

The CISO cannot be credible on all fronts

Many CISOs are simply trapped in endless projects, tactical games and firefighting. They struggle to see the bigger picture, while at the same time, many senior executives have now entered the “when-not-if” era and expect real action.

JC Gaillard, former CISO and leading consultant and expert on the topic, explores the paradoxes surrounding the role of the CISO and how it needs to evolve to match the “when-not-if” paradigm around cyber attacks and the new expectations of board members.


Cyber Security: The Lost Decade – 2018 Edition


October 2018 / Author: JC Gaillard
The Security Transformation Research Foundation

Why large organizations still struggle with decade-old security problems – and how to fix them

A selection of key cyber security articles from leading expert and consultant JC Gaillard published on the Corix Partners blog since 2015 and an update to our 2017 version.

52 easy to read, bitesize articles which cover all key managerial aspects around information security, from the reporting line of the CISO to the role of the Board, and how to make it work in real life. They offer a truly alternative view on how to organise and manage cyber security in large firms, inspired by the direct field experience of their author JC Gaillard, former CISO and leading consultant and expert on the topic.


Revue TELECOM 190 – Editorial by Jean-Christophe Gaillard and Laura Peytavin


October 2018 / Authors: JC Gaillard and Laura Peytavin
Revue TELECOM

While France in this year 2018 is giving great prominence to the theme of artificial intelligence (AI), making it the Prometheus of a new digital society, with multiple conferences, a new chair at the Collège de France held by a graduate of the school, Stéphane Mallat (1986), and numerous reports from the CNIL and from the national legislature (Senate and National Assembly), including the Villani report commissioned by the President of the Republic, the Cybersecurity group of Télécom ParisTech Alumni has decided to explore the implications of the "AI" wave for digital security.

The contributors to this special report offer key points of view on the subject, notably on the question of whether AI will benefit more those who intentionally want to undermine the security of our digital tools and services, or those who want to use it to defend us better.

The articles by JC Gaillard and Laura Peytavin in this report are available in English on the Corix Partners blog.


The Digital Transformation and the Role of the CISO


July 2018 / Author: JC Gaillard
Kuppinger Cole Analysts

Cybersecurity needs to be at the heart of the digital transformation, but organisational models will have to evolve

Cybersecurity is in the process of becoming an essential component of any organisation’s digital transformation journey. There is no way around this, especially as policymakers start dipping their toes into privacy and security issues, and societal norms are shifting on the topic.

But increasingly, security and privacy become intertwined, and it makes little sense from a corporate governance perspective to allow a new privacy organisation under a DPO to grow in parallel to – or in conflict with – existing security structures.

JC Gaillard, former CISO and leading consultant and expert on the topic, re-examines how to organise and manage security in large firms, to face major digital transformation challenges and in the wake of the GDPR.


Cyber Security: The Lost Decade


September 2017 / Author: JC Gaillard
The Security Transformation Research Foundation

A Security Governance Handbook for the CISO and the CIO

This is a compilation of the best cyber security management, organisation and governance articles published on the Corix Partners blog between 2015 and 2017.

They offer a truly alternative view on how to organise and manage security in large firms, inspired by the direct field experience of their author JC Gaillard, former CISO and leading consultant and expert on the topic.

35 easy to read, bitesize articles which cover all key managerial aspects around information security, from the reporting line of the CISO to the role of the Board, and how to make it work in real life.


Revue TELECOM 185 – Editorial by Jean-Christophe Gaillard


June 2017 / Author: JC Gaillard
Revue TELECOM

For several months, social networks and the Internet have been flooded with an immense quantity of articles and content on the theme of the General Data Protection Regulation (GDPR), the new European regulation on the protection of personal data, which will come into force on 25 May 2018.

Lawyers, consulting firms large and small, and even software vendors and IT service providers are rushing into the segment, and indeed the new regulation has the capacity to be a real catalyst around personal data protection and security.

It comes in a context where the personal data of consumers and citizens is becoming an economic and political issue of the first order.

But it is essential to place it in the right context and to go beyond short-termist clichés.


Bridging the Gap Between IT Security and IT Operations


9 June 2017 / Author: JC Gaillard
Info Security Magazine

Life for a CISO could be better. Too many today look out over a landscape overrun by poorly-deployed security tools consuming too many scarce resources, and a dynamic between IT and security that is skeptical at best and distrustful at worst.

JC Gaillard from specialist firm Corix Partners examines how to deal with those issues and bridge the gap between security and IT.


Ransomware: 5 practical tips to deal with attacks, and why good practices matter more than ever


14 December 2016 / Author: JC Gaillard
FIC (International Cybersecurity Forum)

Ransomware attacks have become one of the most dominant forms of cyber-attacks over the past few years. There is no doubt that they can be very disruptive, mainly when targeting key systems, critical data, or large populations of senior executives who have to be given emergency – secure – replacement devices to continue working, and might have lost highly valuable or sensitive data in the attack. For large firms, losses can easily run into the tens of millions by the time everything is added up. At the other end of the scale, there are also many ransomware attacks targeting isolated users with low ransoms, which as a result often get paid “to get rid of the problem quickly” so that the affected individual can resume normal work.

JC Gaillard from leading consulting firm Corix Partners offers 5 practical tips to deal with attacks.
