In an ultra-connected world where process digitization and the number of digital transactions are exploding, the temptation to fraudulently use the multiple interconnection points with the outside, notably Internet access, is increasing day by day. Thus, cyberattacks have become not only more numerous and diverse but also more harmful and disruptive.

It is fundamental, therefore, to identify and understand the risks that could affect the information system and develop the necessary agility to face new threats. As a result, cybersecurity incident management has become one of the pillars of information system security. This complex activity requires new expertise and strong involvement from business leaders and, especially, top management.

In this context, the cybersecurity incident management framework, developed in application of Article 42 of Decree No. 2-21-406 implementing Law No. 05-20 on cybersecurity, aims to establish the appropriate means and processes to quickly detect cyber incidents, minimize their impacts, eliminate exploited vulnerabilities, and restore the services provided by an information system as soon as possible.