Exclusive Interview with the CEO of The Alliance of the Phoenix: A Director at the Forefront of Security
In an increasingly digital world, cybersecurity has become a major concern for businesses. We sat down with Aurélien, the CEO of The Alliance of the Phoenix, to discuss his role within the company and how they approach cybersecurity. The following interview provides insight into his career, The Alliance of the Phoenix’s vision for cybersecurity, the challenges they face, the opportunities this rapidly expanding field offers, and much more.
Who is Aurélien?
First, let’s get to know the brain behind the operation!
Aurélien, the CEO of The Alliance of the Phoenix, wears several hats within the company. In addition to his responsibilities in the business realm, he brings technical expertise as a Cloud architect and oversees all finance and operations aspects.
But before joining The Alliance of the Phoenix, what was his professional journey like?
Aurélien revealed to us a unique path. Before founding The Alliance of the Phoenix, Aurélien began his career as a commando rifleman in the Air Force, then led his own IT support company for SMEs. After taking his first steps into the “Microsoft Galaxy” as a Junior SharePoint consultant, he progressed to become a manager of a SharePoint development team. Eventually, he founded a new company in 2015, specializing in SharePoint and Microsoft 365 services. After a brief entrepreneurial break to work at Microsoft France, he co-founded The Alliance of the Phoenix in 2020, alongside Ghadir Sadee, the company’s co-founder.
Today, The Alliance of the Phoenix employs nearly forty people across four different countries.
Cybersecurity at The Alliance of the Phoenix
Now, let’s talk cybersecurity!
“Cybersecurity is a rapidly evolving field.”
Aurélien shared his perspective on The Alliance of the Phoenix’s positioning in this sector. The company doesn’t claim to be a full-fledged cybersecurity firm, but it specializes in securing its clients’ Microsoft Cloud infrastructure. They build barriers and protective walls, using security solutions provided by Microsoft to safeguard these infrastructures.
These security phases are regularly carried out in partnership with cybersecurity consulting firms.
Complexity and Evolution of Cybersecurity
The complexity of cybersecurity lies in the constant evolution of this field. Clients are becoming more informed and demanding. They have a better understanding of the issues, which means that Aurélien and his team must deal with increasingly technical requirements. However, he believes that this complexity is positive because it encourages them to follow security best practices frameworks for the Microsoft Cloud.
The Perception of Cybersecurity
Perceptions of cybersecurity vary depending on roles within companies.
- Executives increasingly view cybersecurity as a necessary expense to protect their operations.
- Chief Information Officers see cybersecurity as a component to integrate into all their projects, while Chief Security Officers consider it essential and prioritize it at the top of their list (and they are absolutely right).
- However, on the business side, some still perceive cybersecurity as a constraint, although this perception is evolving.
Ease of Implementation in Cybersecurity
Aurélien shared his perspective on the easiest part of cybersecurity, “implementing Microsoft security solutions.”
Using security tools provided by Microsoft greatly facilitates this phase. The tools are designed to be relatively easy to implement. This simplicity stems from the fact that Microsoft tools, especially for collaboration, are widely deployed. Therefore, Microsoft security products integrate very easily into the existing environment.
The Essentiality of Cybersecurity
Today, cybersecurity is essential for organizations. Our clients “are storing increasingly sensitive data, including health data and personal information…”.
Trust with clients and compliance with new regulations are major concerns. The regulatory environment is constantly evolving, further emphasizing the importance of cybersecurity.
Threats and Opportunities in Cybersecurity
For The Alliance of the Phoenix, the most frequent threat is fraudulent access to its clients’ Azure subscriptions, aiming to provision very large volumes of highly powerful servers (and therefore very expensive), with the intention of mining Bitcoin at the expense of the targeted company.
However, the most dangerous threat lies in what is known as “CEO fraud,” a scam where individuals impersonate a company’s executive to deceive employees into making fraudulent financial transfers or disclosing confidential information.
This form of scam has unfortunately led to the closure of many small and medium-sized enterprises, as well as intermediate-sized companies (ETIs). Preventing this threat requires increased awareness, the establishment of rigorous verification procedures, and cybersecurity training.
To Note:
According to the Global Data Protection Index 2022 (GDPI), in the last 12 months, nearly 86% of businesses have faced a cyber incident.
An essential point to remember from this text is that cyber attacks are not limited to a single sector in France. Hospitals, local authorities, and businesses of all sizes are all exposed to risks. SMEs are particularly vulnerable, accounting for 43% of targeted attacks. Even large enterprises are not immune. Awareness of the cyber threat has increased, but many businesses, especially smaller ones, still need to strengthen their protection measures to avoid the costly consequences of these attacks.
Opportunities in cybersecurity are constantly expanding, and the demand is increasing. Microsoft is heavily investing in its cybersecurity solutions, creating new opportunities to enhance customer security.
“Technologies such as biometric authentication and FIDO2 keys are growing, offering advanced means of protection.”
Cybersecurity: A Response to an Economic Warfare
The proliferation of risks, especially those related to economic warfare, has changed the game. French companies are increasingly targeted by attempts to steal know-how, orchestrated by foreign entities. However, roles sometimes reverse, and Western companies also seek to regain skills in Asia. Cybersecurity plays a key role in this battle.
To illustrate the importance of cybersecurity, let’s take the hypothetical example of a business leader who, unfortunately, is having an affair with his secretary. If he uses a professional communication platform like Teams to discuss it, the security of these exchanges is ESSENTIAL! If these conversations are not properly secured, they could potentially be intercepted by malicious actors.
This creates a vulnerable situation where third parties could threaten to reveal this confidential information. This example illustrates how even personal affairs can have serious professional repercussions if data is not appropriately protected.
In the broader context of economic warfare, cybersecurity is essential to protect industrial secrets, strategic data, and the reputation of companies, as malicious actors can exploit vulnerabilities to steal information or engage in blackmail.
This is why it is imperative to implement robust security measures to prevent such threats.
The Legal Challenges of Cybersecurity
Legislation regarding cybersecurity is constantly evolving.
Elise Debiès, a lawyer at The Alliance of the Phoenix, handles the legal aspects, especially in cybersecurity. As a lawyer at the Paris Bar and DPO for the French social security, her legal expertise is a valuable asset, essential for both our company and our clients. Cybersecurity is a team effort, and Elise plays a key role in this collaboration. European regulation is particularly dynamic, with three additional laws in addition to the GDPR.
Cybersecurity is essential not only to prevent a company from closing but also to protect sensitive data and preserve know-how.
Cybersecurity has become an indispensable element because the proliferation of risks, especially for online commerce platforms, is constantly increasing.
Previously, the main risk was financial security, but now, risks also weigh on the protection of know-how. To gain the trust of customers and attract new ones, it is essential to meet cybersecurity requirements. Now, in calls for tenders, cybersecurity is a major criterion because customers will not choose a provider if they are not sufficiently secure.
Improving Cybersecurity: Privileged Accounts
To strengthen cybersecurity, securing privileged accounts is paramount. This can significantly increase the security of the company while impacting a small percentage of users.
French public hospitals are at the forefront of these efforts, aiming to enhance their security against potential threats.
The measures taken to strengthen cybersecurity at The Alliance of the Phoenix
The Alliance of the Phoenix emphasizes its commitment to cybersecurity by implementing several concrete measures.
Firstly, two-factor authentication (MFA) has become mandatory for all users, significantly enhancing security. Additionally, dedicated accounts secured by a FIDO2 key have been established for privileged actions, an essential step to prevent unauthorized access.
When consultants work with clients, they use specific accounts secured by a FIDO2 key and adhere to security best practices recommended by Microsoft (GDAP, conditional access, etc.).
To underscore our commitment to security, it is essential to mention that over the past year, we have provided training for all our teams – and this training is regularly repeated. Disciplinary sanctions have also been defined and applied in certain cases.
These measures aim to ensure that our employees understand and rigorously adhere to our security policies, with the goal of maintaining the security of our clients and partners.
Trends and Future Developments in Cybersecurity
Clients are evolving in their approach to cybersecurity.
They started by deploying collaborative solutions, and now they are focusing on securing the three pillars:
- 1. Identities (multi-factor authentication, conditional access, securing privileged accounts)
- 2. Endpoints (PCs, Macs, Linux, iOS, Android, …)
- 3. Data (classification, encryption, …)
There is also a new enthusiasm for the feature that “closes the loop”: real-time analysis and response of Microsoft cloud logs, thanks to Defender for Cloud App.
Tips to Strengthen Enterprise Cybersecurity
Finally, Aurélien gave us one last piece of advice to strengthen cybersecurity, especially for business users: avoid “Shadow IT”.This means not using unauthorized software or services by bypassing company policies.
Cybersecurity is a collective challenge that we all face in this increasingly digital world. In discussing with Aurélien, we gained insight into how a company can approach this issue. The stakes are high, but it’s reassuring to see that experts like Aurélien and his team are working tirelessly to protect our infrastructures and sensitive data.
So, what can we take away from this discussion? Cybersecurity is essential, constantly evolving, and full of opportunities. Technologies evolve, threats multiply, but we can all contribute to strengthening the security of our businesses and data.
We hope that this interview with Aurélien from The Alliance of the Phoenix has provided valuable insights into cybersecurity. Feel free to share your experiences and thoughts on this topic. Together, we can contribute to a safer and more reliable digital world.
Finally, remember that we are here to help you succeed. Don’t hesitate to contact us to learn more and take advantage of our FREE Audit to ensure that you are on the right track towards enhanced cybersecurity.