News
Capgemini Group launches Cybersecurity Global Service Line
February 2015 by Marc Jacob
Capgemini, one of the world’s foremost providers of consulting, technology and
outsourcing services, today announced the launch of its new Cybersecurity Global Service Line. The offer
brings together the Group’s established capabilities in cybersecurity including 2,500 Capgemini
professionals with proven cybersecurity skills - consultants, auditors, architects, R&D specialists and
ethical hackers1 - its network of five Security Operations Centers (SOCs) across the world and a broad
ecosystem of technology partners. With plans for high double digit growth over the next twelve months,
this new portfolio of leading-edge security services is designed to allow organizations to embrace digital
transformation securely and leverage the power of SMACT technologies – social, mobile, analytics, cloud
and internet of things (IOT) – with confidence.
The rapid evolution of cybercrime has made security a top concern for business leaders around the world. Between
2013 and 2014, there was a 120 per cent increase in the number of cyber-attacks globally2, while the estimated cost
of cybercrime to the average organization increased 10 per cent to US$7.6m per year.3 With hackers now having a
significantly better understanding of the systems they are targeting, their increased precision represents a serious
threat to organizations with potential financial, reputational and safety implications.
Capgemini’s new Cybersecurity Global Service Line addresses the security concerns for IT systems, OT systems4,
as well as IoT products and systems. A recent study of vendors providing IoT technology conducted by Capgemini
Consulting, highlighted that organizations need to be better prepared to address IoT security and privacy threats,
1 An ethical hacker is a computer/ networking expert who systematically attempts to penetrate a computer system or network on behalf of its
owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit.
2 Factiva, ‘Major News and Business Publications’ database; Thomson Financial, Investext database; databases of various security agencies
3 2014 Global Report on the Cost of Cybercrime: Ponemon Institute, October 2014
4 Gartner : “Operational Technology (OT) is HW and SW that detects or causes a change through the direct monitoring and/or control of physical
devices, processes and events in the enterprise.”
with only 33 per cent believing their IoT products are ‘highly resilient’ against future cybersecurity threats, and 70
per cent agreeing that ‘security concerns influence customer purchasing decisions for IoT devices’5.
The new Global Service Line will also focus on developing packaged services that can be replicated across
countries corresponding to new trends in IT, such as Hadoop security, Software-defined data center security, as
well as private and public hybrid cloud security. New security offers are also planned including Application Security
Testing as-a-Service and Identity and Access Management as-a-Service, to enable organizations to leverage a
cloud-based approach to facilitate the deployment of security solutions.
“We are developing a full portfolio of cybersecurity services to enable organizations to protect themselves against
cyberattacks and internal malicious behavior for IT, industrial systems and IoT products,” comments Franck
Greverie, Global Head of Cybersecurity at Capgemini Group. "To many executives cybersecurity is a mystery,
which is often why it is an afterthought. The increasing number of external interfaces means that enterprise data is
more accessible and therefore more prone to attack. Capgemini’s new consolidated offer will enable organizations
to embed security at the beginning of their digital transformation journey, covering the cybersecurity spectrum from
the infrastructure and endpoints right through to the protection of applications, users and data.”
According to Forrester Research - “The reignition of privacy rights, together with increasing cyberattacks and the
ongoing deperimeterization of the digital enterprise, has forced security and risk (S&R) pros to move more and
more protections closer to the data itself. It also demonstrates that in the battle to win, serve, and retain customers,
data security and privacy have become competitive differentiators and, thus, a top business technology agenda
item” 6.
Capgemini’s cybersecurity portfolio is based on a framework to ensure organizations can take a holistic and
pragmatic approach to their cybersecurity. It consolidates Capgemini’s deep expertise as a systems integrator and
service provider, along with the Group’s extensive knowledge in the cybersecurity space, gained through numerous
client engagements over the last 10 years, examples of which include the Department for Work & Pensions (DWP)
in the UK, the French Space Agency (CNES), Alstom Transport and Foyer (the largest insurance group in
Luxembourg).
Capgemini’s cybersecurity services focus on protecting Users, Applications, End-points (including office
terminals, smartphones, tablets, sensors, and other connected objects), Infrastructure (including storage,
networks, and virtualization orchestration) and Data – and its proven and planned capabilities include:
5 Capgemini Consulting ‘Securing the Internet of Things Opportunity’ (2014)
6 Forrester Research Inc., Predictions 2015: Data Security And Privacy Are Competitive Differentiators, Heidi Shey et al, November 12th 2014
Capgemini Press Release
? Security consulting & audit services: conducting security assessments, defining cybersecurity
roadmaps, providing operational security consulting and security audits such as penetration testing
and forensics:
o In January 2015 Sogeti France, a wholly owned subsidiary of Capgemini SA, was awarded the
‘Label France Cybersecurity’ at the International Cybersecurity Forum by Axelle Lemaire, French
Minister of State for Digital Affairs (FIC) for security audit services.
o Capgemini recently conducted several consulting projects for Alstom Transport including risk
analysis, Security Target definition and architecture recommendations for the cybersecurity of trains
and the signaling system.
? Designing and building security protection services that safeguard IT systems, industrial systems
and IoT systems:
o Through its acquisition of Euriware, Capgemini now offers services to secure SCADA (Supervisory
Control & Data Acquisition) systems. For IoT products, Sogeti High Tech offers services to embed
security in the engineering development process of products.
o Capgemini recently launched its Anomalous Behavior Detection offering with Pivotal - to detect and
react to advanced internal and external business threats.
? Security Monitoring 24/7:
o Today Capgemini has 5 multi-tenant Security Operations Centers (SOC) which are the ‘eyes and
ears’ enabling the detection and reaction to cyberattacks - located in France, the UK, Luxembourg,
and two in India, with research and development teams supporting all of these centers. Capgemini
is currently building a sixth SOC in Belgium and is also designing and building ad-hoc SOCs for
customers.
