Cyber News
Data governance: 5 tips to optimize your strategy
Regulatory obligations, data-centric organization, storage cost optimization, data monetization... whatever your company's objectives, it all comes down to data. From collection to destruction, companies are responsible for the information and data they hold. That's why it's essential to define an effective data governance strategy.
.png)
Tenacy is proud to be an official sponsor of CESIN —a partnership we will continue in 2026, marking our ongoing commitment to the cybersecurity community in France.
.png)
Ah, the eternal dilemma between risk management and compliance... Companies often pit them against each other, and the tools available on the market tend to reflect this dichotomy. However, the two approaches are complementary in the context of your cybersecurity strategy. This is illustrated by the famous ANSSI pyramid: compliance is a necessary foundation for addressing major risks.
Ensuring the security of information systems requires strict compliance with the standards and constraints applicable to each sector of activity and each organization. Chief Information Security Officers (CISOs) and Data Protection Officers (DPOs) each contribute their expertise to serve this common goal.
We are proud to announce that Tenacy has been named Top Startup 2025 in Lyon by LinkedIn News, making it one of the five most dynamic startups in the Lyon ecosystem! This prestigious ranking highlights fast-growing local startups that are innovating in their sectors and attracting the best talent.
The initial audit is the first audit in a three-year certification cycle, consisting of the initial audit (year 1) and two surveillance audits (years 2 and 3).
In order to oversee cybersecurity measures within a company, the management committee must first define its vision. This vision is formalized in a document simply called the information system security policy.
From assessing the state of IT security to analyzing previous attacks, mapping critical assets, and continuing past actions related to risk analysis, the first 100 days of a CISO's tenure are crucial for the organization.
In an ever-changing regulatory landscape, companies must comply with a set of standards and regulations related to data protection, IT and employee security, and the functioning of their products. Beyond the penalties for non-compliance —which can be significant—a security breach or unaddressed vulnerability can seriously damage an organization's brand image.
Your management has just approved your information system security policy (ISSP). What now? It's time to draw up your IT security plan, which should detail the actions to be implemented to ensure the ISSP is applied. Defining objectives, monitoring current and future actions, measuring results... All this requires flawless project management.
"Risk-based approach" and "compliance-based approach": you've probably heard these terms before. These two English terms can be translated into French as "approche par les risques" and "approche par la conformité" – and they are sure to divide the cyber world.
GDPR, LPM, NIS... Companies today are subject to an increasing number of regulatory and compliance frameworks. While these rules are essential to ensuring a high level of security within the organization, they can sometimes hinder the smooth running of operations.