Before any awareness-raising initiative and to calibrate this better, an assessment of the company is needed to take stock of the IT infrastructure and to gauge the teams’ level of acculturation to digital risks.
Many aspects can be reviewed during this assessment in the context of a risk analysis: from the internal organisation to the management of service providers, including the resilience of the company in the event of an attack. A list of priority steps (remediation) can subsequently be drawn up.