With a presence in 15 countries and 13,900 employees, the Tessi Group manages massive volumes of sensitive data (personal, health, financial) on a daily basis.
The group's cyber organization is complex: more than 10 different information systems to manage, local CISOs and dispersed operational teams, working on different tools and in different ways. The teams work mainly in Excel, with heterogeneous data, sometimes obsolete, and could only obtain reports that were difficult for management to use.
This manual approach resulted in considerable time wasted, a fragmented view of the security posture, and a lack of traceability of audit evidence.
It was in this context that Jérôme Farrouil realized that their current methods had their limitations and that acquiring a new tool was necessary.
on multi-subsidiary organizations
without disrupting existing practices
and its clear interface
To effectively manage the group's cybersecurity and prioritize its actions, it was essential to have a clear and granular view of Tessi's entire organization:
A clear visualization of internal security and critical applications.
The cyber department now has a consistent view, updated in real time, and each critical application has a dedicated cyber score.
Each month, consolidating indicators required a full week of work, just to aggregate the data. Thanks to Tenacy's intelligent modeling and feedback from their connectors, Jérôme Farrouil is able to speed up data processing and make it more reliable.
Reliable data refreshed in real time.
"Automation means reliability: you know where you stand at all times, without having to chase after Excel files."
Jérôme Farrouil, Group Director of Compliance, Risk, and Cybersecurity at Tessi
The centralization and automation of cyber activities in Tenacy have led to an overall increase in efficiency for operational monitoring and reporting that is always up to date.
Dashboards tailored to each stakeholder and editable in just a few clicks.
"We all speak the same language, from the local CISO to the Executive Committee. It's a real cultural shift."
Jérôme Farrouil, Group Director of Compliance, Risk, and Cybersecurity at Tessi
{{cta-lead-magnet}}
With the multitude of tools used by cyber teams and the geographical distance from local CISOs, ensuring smooth communication between teams was a real challenge:
"If I had to do the same thing with people and Excel files, I would easily need four more people. And above all, I would have a much higher turnover because that would be all the teams would be doing."
Jérôme Farrouil, Group Director of Compliance, Risk, and Cybersecurity at Tessi
{{3-cards}}
ISO 27001, PCI DSS, SOC 2, DORA, NIS2, GDPR, cross-referenced with Tessi's internal standards.
between two frameworks obtained in five minutes: already 82% compliance between PSSI and SOC 2.
and directly exportable for external audits or client committees.
Once data was centralized, processes automated, and exchanges aligned, compliance became an operational and strategic asset rather than a constraint.
Thanks to this consistent architecture, Tessi can now manage all of its repositories from a single, unified environment.
.webp)
ReCyF is the French cybersecurity framework based on the European NIS 2 Directive. It sets out 20 mandatory security objectives for critical and essential entities and specifies the acceptable means for demonstrating compliance.
.webp)
The CESIN 2026 barometer reveals a paradoxical trend in corporate cybersecurity: while the number of significant cyberattacks is decreasing, their consequences are becoming considerably more severe.
This annual study by the Club des Experts de la Sécurité de l'Information et du Numérique (Club of Information and Digital Security Experts) is an essential reference for understanding the evolution of cyber threats in France.
.webp)
The purpose of this article is to provide you with a clear and practical overview of the Cyber Resilience Act.
At the end of the document, you will also find advice on how to structure your approach and facilitate compliance.