Cyber security is a big issue for both private companies and public institutions. To respond to these strategic developments, ESILV adapts its training and offers new courses in line with the needs of the organizations.
Following the closing of the International Cybersecurity Forum, in which ESILV took part, it’s time to take a closer look at the trends to follow in security with Walter Peretti, a teacher at ESILV, detached to the Cyber Campus and head of the IT, IoT and Security major.
In recent years, many trends have emerged in the field of security. For an engineering school, it is a question of anticipating future risks to adapt teaching in a field where, unfortunately, threats are constantly increasing in number and type.
— Walter PERETTI (@PerettiWalter) June 9, 2022
GRC and DevSecOps approaches to respond to new threats
Adapting the curriculum to the concrete reality of the market and company needs is a constant concern at ESILV.
An emerging corporate need is the concept of GRC (Governance, Risk and Compliance), which consists of integrating a strategy that allows companies to manage their information systems proactively. At ESILV, the engineering students of the two IT security majors have a joint teaching module on these GRC aspects.
Another issue identified among cybersecurity professionals is the DevSecOps approach, which links the teams in charge of development and cybersecurity: DevSecOps is an aggregate of development, security, and operations.
Once again, ESILV’s engineering students can address this concern through internships, work-study programs or employment.
Three technological trends to follow in digital security
The exploitation of security vulnerabilities by hackers continues to leave large corporations, small and medium-sized businesses, and government agencies vulnerable. The rise of cloud computing has led to an increase in internal and external threats to corporate IT systems. But how to protect against these new risks? Let’s take a closer look at 3 emerging technology trends that are the focus of ESILV’s engineering courses.
Automation of penetration tests by AI
Today, the weakest links in the cybersecurity chain (SMEs, VSEs, ETIs) cannot afford penetration testing services. Similarly, there are not enough specialists available on the market to fulfill the demand. We are seeing the emergence of players who use AI to automate penetration testing campaigns at a reduced cost.
Zero Trust is an approach that eliminates the concept of trust within network architectures to prevent data compromise. Based on the principle of “never trust, always verify” this new model breaks with traditional security.
A new technique for discovering security flaws in software by subjecting the code to random (or semi-random) inputs to crash it and thus identify “flaws” that would not otherwise be apparent.
New cyber courses for industry purposes
The “Computing, Connected Objects and Security” and “Cybersecurity & Cloud Computing” majors train engineers to meet digital challenges thanks to a solid IT culture and a mastery of best practices in terms of development, security, and business.
The program for these engineering majors will include three new courses in particular for 2022-2023, to continuously improve the quality of teaching:
Pentesting and forensic
A course on Pentesting (intrusion tests) and forensic (search for legal evidence of an intrusion) in the IoT. These lessons will be given by Arnaud COURTY, ESILV alumni, class of 2013, with an evaluation via an escape game.
Cybersecurity and industry
A course on cybersecurity issues in the industry of the future (4.0), taught by experts in the field, with a particular focus on hardware security. These new skills – around threats to the very heart of systems – will strengthen the arsenal of ESILV engineers.
Development of a Cyber Resilience course – one of the big issues to come – which heralds a new focus on holistic cybersecurity management.