Capgemini Group launches Cybersecurity Global Service Line

Capgemini has launched the Cybersecurity Global Service Line. The offer brings together the Group’s established capabilities in cybersecurity including 2,500 Capgemini professionals with proven cybersecurity skills - consultants, auditors, architects, R&D specialists and ethical hackers - its network of five Security Operations Centers (SOCs) across the world and a broad ecosystem of technology partners. With plans for high double digit growth over the next twelve months, this new portfolio of leading-edge security services is designed to allow organisations to embrace digital transformation securely and leverage the power of SMACT technologies – social, mobile, analytics, cloud and internet of things (IOT) – with confidence.

The rapid evolution of cybercrime has made security a top concern for business leaders around the world. Between 2013 and 2014, there was a 120 per cent increase in the number of cyber-attacks globally, while the estimated cost of cybercrime to the average organisation increased 10 per cent to US$7.6m per year. With hackers now having a significantly better understanding of the systems they are targeting, their increased precision represents a serious threat to organisations with potential financial, reputational and safety implications.

Capgemini’s new Cybersecurity Global Service Line addresses the security concerns for IT systems, OT systems, as well as IoT products and systems. A recent study of vendors providing IoT technology conducted by Capgemini Consulting, highlighted that organisations need to be better prepared to address IoT security and privacy threats, with only 33 per cent believing their IoT products are ‘highly resilient’ against future cybersecurity threats, and 70 per cent agreeing that ‘security concerns influence customer purchasing decisions for IoT devices’.

The new Global Service Line will also focus on developing packaged services that can be replicated across countries corresponding to new trends in IT, such as Hadoop security, Software-defined data centre security, as well as private and public hybrid cloud security. New security offers are also planned including Application Security Testing as-a-Service and Identity and Access Management as-a-Service, to enable organisations to leverage a cloud-based approach to facilitate the deployment of security solutions.

“We are developing a full portfolio of cybersecurity services to enable organisations to protect themselves against cyberattacks and internal malicious behaviour for IT, industrial systems and IoT products,” comments Franck Greverie, Global Head of Cybersecurity at Capgemini Group. "To many executives cybersecurity is a mystery, which is often why it is an afterthought. The increasing number of external interfaces means that enterprise data is more accessible and therefore more prone to attack. Capgemini’s new consolidated offer will enable organisations to embed security at the beginning of their digital transformation journey, covering the cybersecurity spectrum from the infrastructure and endpoints right through to the protection of applications, users and data.”

According to Forrester Research - “The reignition of privacy rights, together with increasing cyberattacks and the ongoing deperimeterisation of the digital enterprise, has forced security and risk (S&R) pros to move more and more protections closer to the data itself. It also demonstrates that in the battle to win, serve, and retain customers, data security and privacy have become competitive differentiators and, thus, a top business technology agenda item.”

Capgemini’s cybersecurity portfolio is based on a framework to ensure organisations can take a holistic and pragmatic approach to their cybersecurity. It consolidates Capgemini’s deep expertise as a systems integrator and service provider, along with the Group’s extensive knowledge in the cybersecurity space, gained through numerous client engagements over the last 10 years, examples of which include the Department for Work & Pensions (DWP) in the UK, the French Space Agency (CNES), Alstom Transport and Foyer (the largest insurance group in Luxembourg).

Capgemini’s cybersecurity services focus on protecting Users, Applications, End-points (including office terminals, smartphones, tablets, sensors, and other connected objects), Infrastructure (including storage, networks, and virtualisation orchestration) and Data – and its proven and planned capabilities include:
Security consulting & audit services: conducting security assessments, defining cybersecurity roadmaps, providing operational security consulting and security audits such as penetration testing and forensics:
In January 2015 Sogeti France, a wholly owned subsidiary of Capgemini SA, was awarded the ‘Label France Cybersecurity’ at the International Cybersecurity Forum by Axelle Lemaire, French Minister of State for Digital Affairs (FIC) for security audit services.
Capgemini recently conducted several consulting projects for Alstom Transport including risk analysis, Security Target definition and architecture recommendations for the cybersecurity of trains and the signalling system.

· Designing and building security protection services that safeguard IT systems, industrial systems and IoT systems:
o Through its acquisition of Euriware, Capgemini now offers services to secure SCADA (Supervisory Control & Data Acquisition) systems. For IoT products, Sogeti High Tech offers services to embed security in the engineering development process of products.
o Capgemini recently launched its Anomalous Behavior Detection offering with Pivotal - to detect and react to advanced internal and external business threats.

· Security Monitoring 24/7:
o Today Capgemini has 5 multi-tenant Security Operations Centres (SOC) which are the ‘eyes and ears’ enabling the detection and reaction to cyberattacks - located in France, the UK, Luxembourg, and two in India, with research and development teams supporting all of these centers. Capgemini is currently building a sixth SOC in Belgium and is also designing and building ad-hoc SOCs for customers.