Citalid, the startup that assesses risks due to cyber-crime is awarded the 2018 Innovation Prize at Les Assises de la Sécurité

At this 18th edition of Les Assises de la Sécurité, which took place in Monaco, there was much more than just stands or conference speeches discussing individual experiences. Over the course of four days of sessions, major players in the information systems security industry also chose to award their Innovation Prize to an original initiative that is well-placed to be widely adopted. The award was won by Citalid, which is the first platform for managing and assessing the risks associated with cyber-crime. Moreover, this disruptive new entrant in the market, which was co-founded by Maxime Cartan and Alexandre Dieulangard, also won the Public Prize.


So what lies behind the company’s sudden popularity?

The guiding principle of the company’s two directors is to see cybersecurity not as a cost centre, but rather as a source of savings, thereby addressing the classic challenge of ensuring that both risks and opportunities are taken into consideration. These two alumni of ANSSI, the National Cybersecurity Agency of France, sought to demonstrate that it is not only possible to calculate the costs incurred due to failures and vulnerabilities in a company’s information security systems (no matter the size of the company, or the industry it operates in) and, consequently, that it is appropriate to assess the savings that can be achieved by implementing a more effective security strategy. The challenge started with two questions that everyone asks: what financial risks am I exposed to, and what can I do to minimise them?

Citalid: to protect organizations from cyber risks

The online platform therefore makes it possible to map and quantify the cyber-risks that any organisation faces. This fact was captured in the comments of a member of the judging panel, the information systems security manager of a CAC40-listed corporation:

“Citalid is in the process of making information security managers’ dreams come true: enabling them to speak the same language as their board of directors by delivering quantitative, context-specific risk analyses!” It’s as simple as that!  He went on to add that “The Citalid platform makes it possible to model the impact that each solution has on the bottom line to enable a suitable investment programme to be developed.”

A platform that works with algorithms

When asked how the platform works, Maxime Cartan and Alexandre Dieulangard respond that they have become partners in the FAIR (Factor of Analysis Information Risk) methodology, which represents a first for Europe, giving them a technological advantage over their competitors. The technology is still concealed within specific algorithms, as the two founders explain:

Our algorithms are the first to combine analysis of cyber threats and their geopolitical context with the quantification of financial exposure and the risk involved, with a view to anticipating cybersecurity threats.”

Today, the risks and threats involved are on another level. Increasingly, the “attackers” aim to undermine citizens’ confidence in their governments by demonstrating their powerlessness and inability to defend their interests, especially citizens’ personal data. If attacks become easier for enterprises to predict, it will become easier for them to protect themselves; and it is no great leap to imagine that people in general will become less anxious as a result. However, while it remains to be seen whether algorithms will prove their value and that there is a real opportunity here.

For Citalid’s two founders, the challenge is to speak the same language as companies’ top management, thereby providing a mouthpiece for information systems and security managers, who have hitherto been seen as too restrictive, too alarmist, or simply as cost centres. However, it may be that innovation cab be found by opening up the possibility of genuine dialogue within the enterprise sector.


To read also: Cybersecurity, 10 points of vigilance for 2019