The audit café and IT security of SMEs in France

On October 15, the Aix-Bastia Regional Company of Auditors (CRCC Aix-Bastia) organised its usual audit café at La Coque.

For the event, the president of the institution Farouk Boulbahri brought in some fairly important people from the sector, namely the founder and CEO of Privowny, Hervé Le Jouan and Alexandra Barberis, the vice-president of Clusir Paca.

This article will also interest you: About 40% of detected vulnerabilities may be disclosed

"Because the auditors deal with the risk of fraud in companies, we wanted to address this topic at our Audit Café," notes farouk, President of the Aix-Bastia Regional Company of Auditors (CRCC Aix-Bastia), farouk Boulbahri.la thematic issues discussed at the event was the issue of computer security for small and medium-sized enterprises and mid-sized enterprises.

It will be noted in a nuts light that small and medium-sized enterprises have been increasingly targeting for some time. As Clusir Paca Vice-President Alexandra Barberis pointed out, about 9 companies were targeted by cyber criminals. Whether their attacks were successful or not. The reality is that SMEs are in the spotlight because they are "the weakest to resist this type of malice" says Alexandra Barberis.

SMEs are the main targets of the awareness initiated by Farouk Boulbahr "because an attack can strongly destabilize a company, or even bring it down. "Business leaders need to anticipate the threat and take it seriously. ». Note the latter.

Regarding the immediate consequences of this interest of cybercrime towards small and medium-sized enterprises. "We're basically stealing data and it can hurt a lot," says Hervé Le Jouan. As a specialist in cybersecurity and digital data protection, he says that 81% of computer attacks typically target "e-mail address theft and password theft, because it's valuable data that can be easily resold on the dark web." "With this type of information, you can impersonate, retrieve confidential data, break into networks, etc." He advises SMEs to put in place a policy that will better manage passwords. He then advocates the use of different passwords for various professional services emails, staff, and social networks. "25% of people use the same password for their social networks and bank accounts. We have to change our habits. stresses Hervé Le Jouan. For this he proposes the use of password manager to help create the different identifiers, especially when you have to leave his email address on a public or commercial site.

In addition, with regard to the IT security of SMEs, the amount at first glance that specialists are indeed available to help. Protection tools also exist, however, there should still be a focus on training and awareness of actors. "To make all employees aware of these safety issues. We lack a real culture of computer security. It goes through common sense gestures. "I stress that everyone in the company has to change their behaviour, from management to employees," says Farouk Boulbahri, president of the Aix-Bastia Regional Company of Auditors. In this context, he advises SMEs to put everything in Europe to comply with the various recommendations provided by the National Agency for Security of Information Systems, the state agency responsible for overseeing the state of cybersecurity in France. These recommendations can be found on the latter's website.

Initiatives to help SMEs better secure their information systems are not legion especially in France. Especially when they continue to neglect this important aspect of computer life. With telework going to be difficult, these companies are the most vulnerable of the moment. They should then be provided with a healthy and safe environment for more computer security. It's going to be a tough task.