In a context where working habits are disrupteddigitalization, mobility, remote work—data security is more than ever at the heart of concerns. 

We are committed to providing pragmatic and tailored solutions based on our historical expertise in networks, systems, and infrastructure. 

Davidson’s cybersecurity consultants work both on scoping and organizational phases with a risk-based approach relevant to the threats faced by organizations, and on the more operational implementation roles that follow. 

Our multi-sector client base also promotes a comprehensive understanding of security challenges. 

Our areas of expertise: 

  1. Governance, Risk, and Compliance (GRC): Writing and updating security policies, managing security through risks: CISO / Risk Manager / Information Security Assistance 
  2. Threat and Cyberattack Management (SOC/CSIRT): Sizing, integrating security platforms, conducting digital investigations and incident responses: Cybersecurity architect and integrator / Level 2 and 3 analysts and forensic experts / SOC & CSIRT engineers 
  3. Application Security & Identity Management: Supporting application development by integrating security in an agile ecosystem: Vulnerability analyst / Cloud DevSecOps / IAM consultant 
  4. Network & Cloud Security: Designing and operating secure infrastructures: Network and cloud security architect and integrator / Level 2 and 3 network security support 
  5. Offensive Security & Pentesting: Challenging the status quo and proposing improvements – Pentester / Technical and organizational auditor 
  6. Project Management and Leadership: Organizing and steering projects: drafting specifications, POC scoping, PMO, project manager, project director 

Examples of projects conducted: 

  • For a cosmetics industrial group: benchmarking IT Risk Management solutions and POC of the chosen solution. 
  • For a public transport operator in the Île-de-France region: support in preparing ISO27001 certification – gap analysis, updating documentation, evidence traceability, and auditee awareness. 
  • For a telecom operator: creation of an ISP service center (Security by Design) to monitor security in the operator’s network projects. 
  • For a political party during the 2022 digital presidential campaign: from-scratch support from defining the security framework and strategy to vulnerability analysis and monitoring of applications and infrastructures. 
  • For an automotive manufacturer: drafting specifications for building its SOC. Study and POC of the SIEM to deploy. 
  • For an energy sector client: digital investigations and N3 cyber incident responses worldwide in SOC/CSIRT. Updating playbooks, creating detection rules, reducing false positives. 
  • For a cybersecurity software publisher: R&D development and support for its UTM Firewall solution. 
  • For a bank: building and improving the VOC team (France and internationally). 
  • For a bank: support in securing applications in an agile cloud context. Code scanning and developer awareness. 

Community: 

A team of four Practice Leaders manages our internal social network (Discord) and feeds technical channels and cybersecurity support spaces. This fosters community bonding while facilitating information sharing, skills development, practical advice, and monitoring topics. 

In 2024, we participated in key events, notably hosting the Purple Pill Challenge at our premises, a rich moment of exchanges and innovation challenges. We were also present at the Risk Summit, a major event to discuss trends and issues in cybersecurity. These events allowed us to meet passionate professionals and share our ideas. 

 

Upcoming projects: 

Davidson is designing its own cybersecurity awareness SaaS solution, specifically aimed at employees. 

This solution takes the hacker’s perspective, offering a playful experience that encourages users to think through and find the steps to carry out certain cyberattacks. 

Stories drawn from real events enrich this approach to provide concrete and impactful awareness.