Econocom - 2019 Universal registration document

02 group overview group positioning

Econocom ژ Digital Security ژ helps customers manage their digital risks digital.security spans three areas of expertise: IT system security (ISS), Internet of Things (IoT) security, operational technology security (OT). Our commitment is fourfold. We promise to: offer customers high-level expertise in a • package that's right for them without an escalating budget; assess security and compliance levels • based on technical and regulatory benchmarks that can be applied to every context; anticipating new usesensure our • customers achieve optimum protection of their information assets as quickly as possible and maintain this level; unite and involve all stakeholders in risk • control measures that are effective and coherent. following services: audit (assessing and suggesting improvements), consultancy (analysing risks and drawing up risk reduction policies), integration and project (managing cross-cutting security projects (IAM, SOC/SIEM, DLP, CASB,…) modelling solutions), operational security (maintaining digital.security offers the

and running security solutions), training and education (passing on technical and functional knowledge). digital.security is the first TF-CSIRT (1) accredited CERT™ (Computer Emergency Response Team) IoT and founder of the first IoT security label: IQS (Iot Qualified as Secured). digital.security is listed on Datadock which means companies can obtain funding for OPCO (OPérateurs de COmpétences - French skilled operator) training for their employees. digital.security consultants and experts are members of various working groups (ANR, CESIN, CLUSIF, ENISA, AFNOR, IRTSystemX…) and are involved in the standardisation and promotion of digital risks. They are fully conversant with the methods, benchmarks and standards that apply to IT risk management and hold the certificates to prove it: ISO 27001, ISO 27005, CISSP, CMMI, ITIL, COBIT… digital.security is officially recognised by the European body TF-CSIRTwhich coordinates relations between the various CERTs worldwide and and has the ANSSI's (French agency for IT system security) PASSI (2) and PASSI-LPM accreditation (3) , so our customers can be sure that the security audit services we offer meet their high standards and are appropriate for the sensitivity level of their IT systems.

TF-CSIRT: Task Force on Computer Security Incident Response Teams. (1) Security Incident Response Teams.[1] IT system security audit provider – Military Planning Law: (2) qualification awarded by the ANSSI. French agency for IT system security. (3)

32

2019 annual report