Public sector
x

Regaining cyber control of a local authority

How did the RSSI of the Haute-Garonne Departmental Council optimize its cyber management and simplify its RGS compliance?
"I wanted to break free from this subjectivity that was distorting my interlocutors' vision. With Tenacy, I succeeded. They are finally becoming aware of reality, and everything is becoming more concrete."
Marylyne Boubée
Chief Information Security Officer at the Haute-Garonne Departmental Council
The challenge
Simplify cybersecurity management and compliance

The Haute-Garonne Departmental Council (CD 31) brings together more than 6,000 employees who work for the region, including 120 attached to the IT department. Like all local authorities, one of its challenges is to comply with the General Security Reference Framework (RGS) published by ANSSI.

‍

Marylyne Boubée, CISO of CD 31, is supported by an external service provider to manage all security matters, working closely with the Information Systems and Digital Department and those responsible for operational security.

‍

The project management software provided by her organization is not well suited to her cyber challenges: she uses Excel for certain tasks and employs multiple tools, which makes management time-consuming and increases the risk of errors.

Compliance
Easily manage compliance (RGS, NIS 2, etc.) for multiple information systems.
Steering
Moving from "subjective" cyber management to "factual" management.
Effectiveness
Save time on every task and simplify collaboration between stakeholders.
The objective
Centralize cybersecurity management with a GRC platform adapted to a variety of information systems and a growing number of projects, despite limited human resources.
The solution

Why did you choose Tenacy?

Organizational Mapping

Modeling that integrates all information systems to be secured.

Data centralization

Datasynchronized thanks to over 20 connectors—including Cyberwatch for vulnerability management.

Compliance

Mapped standardsfor maintaining and monitoring compliance: RGS, NIS 2, LPM, PSSI-E, etc.

Table of Contents
Discover how Tenacy structures your cybersecurity
Schedule a demo

1/ Build a customized workspace for optimal management

By choosing Tenacy, Marylyne was able to leverage the standards offered by the platform to build a workspace perfectly suited to her needs and integrate her tools (action tracking, indicators, questionnaires, etc.).

It now has a solution that models its organization as it is structured from a cybersecurity perspective, integrating all the information systems that need to be secured: the departmental council, the 31 EVA Laboratory (Water - Veterinary - Air), and the department's middle schools.

Covered objective:

Rely on CRM software that adapts to your needs and offers a comprehensive, granular view of information systems.

‍

2/ Centralize cyber data for a 360° view

Thanks to the catalog of more than 20 native connectors, the RSSI was able to connect its vulnerability management software (Cyberwatch) to Tenacy in just a few minutes.

It thus benefits from reliable, centralized, and consolidated data in real time, from vulnerability scanning to corrective actions and their follow-up.

Covered objective:

Automatically synchronize the technical stack of the Haute-Garonne Departmental Council to move from subjective to factual cybersecurity management .

‍

3/ Simplify compliance and save time every day

With Tenacy, Marylyne has access to business software that enables her to quickly and objectively assess compliance with the applicable standards, allowing her to effectively manage and monitor the organization's multi-compliance.

Automation between repositories and action plans allows her to know precisely what she needs to put in place to address discrepancies and assign tasks to the right people.

Covered objective:

Have a clear view of compliance levels and demonstrate their impact to management.

‍

Results

A new perception of the importance and impact of cybersecurity for the department.

Recognition of the work of the RSSI

which helped her secure higher budgets.
"I wanted to break free from the subjectivity that was distorting my colleagues' vision. With Tenacy, I succeeded. They are finally becoming aware of reality, and everything is becoming more concrete." Marylyne Boubée, CISO at the Haute-Garonne Departmental Council

Cyber management based on monitored and traceable actions,

for an accurate and consolidated view of the security status of all information systems.

Easier collaboration

between all stakeholders.
Conclusion
This feedback illustrates how a CISO responsible for the security of a public body can simplify compliance (RGS, NIS2, etc.) and demonstrate its impact.
Do these issues resonate with you?
Schedule a demo
Other articles

You may be interested in

Data governance: 5 tips to optimize your strategy
Governance
Data governance: 5 tips to optimize your strategy

Regulatory obligations, data-centric organization, storage cost optimization, data monetization... whatever your company's objectives, it all comes down to data. From collection to destruction, companies are responsible for the information and data they hold. That's why it's essential to define an effective data governance strategy.

November 29, 2022
Developing a PSI in four steps
Compliance
Developing a PSI in four steps

The information system security policy (ISSP) is more than just a reference document: it represents the foundation of the strategic vision for the company's IS security. Nothing less.

April 16, 2024
ISO 27001, NIS, LPM, NIST CSF, PCI-DSS, NC: compliance in 6 acronyms
Life as a CISO
ISO 27001, NIS, LPM, NIST CSF, PCI-DSS, NC: compliance in 6 acronyms

The cybersecurity industry, and particularly the field of incident response, is an environment where all kinds of acronyms flourish. It's so easy to get lost. Standards, directives, laws, processes... Let's take a look at the definitions of six acronyms commonly used in compliance that no one should be unaware of.

November 15, 2022

Regain Control of Your Cybersecurity

Schedule My Personalized Demo
30 minutes with no obligation