APF France handicap mobilizes its employees against cyberattacks


APF France handicap is the new name of the association well known until 2018 under the name “Association des Paralysés de France”. Recognized as a public utility since its creation in 1933, it defends and protects people with disabilities and those of their relatives.

Today, it mobilizes nearly 90,000 players – members, elected officials, volunteers, but also users, as well as tens of thousands of donors and supporters. To date, the association has 550 structures throughout France and in the overseas territories. It has 15,000 employees.

In 2020, the organization was more concerned than ever with the risks of cyberattacks, in particular ransomware (ransomware) which affected a large number of healthcare establishments. She then decided to create a position of information system security manager (RSSI) and recruited Jules Sarrat, a graduate of Centrale Supelec, previously a cybersecurity consultant at Wavestone and an IT & cybersecurity supervisor at KPMG.

Start with an audit

After carrying out an initial security audit, and involving the association’s internal communication department, it was decided to make all employees aware of the risks of cyberattacks.

And to carry out this awareness and training mission, APF France handicap turned to a service provider software publisher: Conscio Technologies. For fifteen years, the publisher has been offering software solutions for deploying awareness campaigns and “phishing” tests. Its Sensiwave offer makes it possible to “prepare, personalize, manage and operate awareness campaigns”. She puts various preventive measures into practice.

To deploy information campaigns, this company has also developed RapidAwareness, a “turnkey” solution. It’s true that a large share – if not the majority – of cybersecurity incidents involve human error – inattention or misbehaviour, for example. It is therefore recommended to carry out information and awareness campaigns aimed at all employees, with or without a service provider.

A specific course for IT teams and management

At APF France handicap, the first campaign launched was accessible from the intranet. All staff were invited to access fun and attractive content on the principles and good practices of the fight against cybersecurity: how to prevent and avoid identity theft, harden passwords and prevent misuse, how to detect phishing risks, etc. “It’s about acquiring the right reflexes,” underlines Jules Sarrat, CISO. Another more extensive campaign dedicated to IT teams has also been set up, as well as a specific course for teams of managers.

Building on the success of the first measures applied, new campaigns will be carried out, adds Jules Sarrat, who plans in particular to make these courses compulsory for the association’s executives who make extensive use of the tools. Thanks to the various content offered by Conscio Technologies, APF France handicap plans to develop its campaigns. It is already possible to visualize the results obtained and thus ensure the progress made.

“Conscio Technologies offered us an effective awareness-raising device adapted to the diversity of profiles to be raised awareness; ready-to-use content, adaptation of contextual bubbles to stick to our practices. Ease of use and attractive pricing are just some of the advantages of this offer”, summarizes Jules Sarrat. “We are going to increase the use of the Sensiwave solution to help the association’s employees and players progress on all these cyber issues”, he adds.





Source link -97