Louis Vatier (EPITA 2012) participated in drafting of a book on the black markets of cybercrime.

In what context did you participate in drafting the book on black markets of cybercrime?

The book became part of the extension of my third year internship, which I started as an analyst watchman in a small team in charge of IT risks to the European Company of Strategic Intelligence (CEIS ), at SecuInsight, business intelligence company whose goal is to help clients protect their economic interests in the context of globalization and fierce competition.

This involves a lot of work on the directly available information with collection, analysis and cross-checking of weak signals. As an Engineering student at EPITA, my role was to survey and analyze IT security and new technologies more broadly and write briefings bound for our customers.

Why a White Paper on the black markets of cybercrime?

Shortly after the start of my internship a first report on the prices of certain products sold on the black markets of cyber-crime was published: it was the RSA report (the Security Division of EMC). The fact is that we concluded that if this report brought a first light on the subject, the dark side of the black market was not presented. What I mean by dark side is the economy, the business model behind it.

In addition, a number of clients of CEIS are banks and are directly affected by the cyber-crime. These considerations led us to develop in-house expertise, development that happens especially with the publication of the white paper on the black markets of cybercrime, which is a state of the art, both technically and economically.

Because of my training, I mainly studied the technical parts, especially the infrastructure set up for cybercrime. However, I also worked on the optimization of products sold on the black market, which involved detailed monitoring. The white paper is really an analysis. We did not simply draw up a simple statement or regurgitate figures that have no meaning.  In addition, we also offer solutions, a sort of bottle in the sea, to contain this plague.

What have you been able to draw out from this course and this publication?

I did not touch a line of code during my ten-month internship, which is unusual for a third year internship. I had the opportunity to use my dual expertise, developed in part during a Bachelor in applied mathematics and economics at Dauphine and the other during my school years at EPITA. Indeed, it allowed me to deal with technical information and make it understandable to our customers who do not have the technical and are mainly interested in the potential impact that IT security can have on their business.

The internship was a good way for me to build on the achievements of the first year of Engineering studies without doing much development.  I was also able to strengthen my analytical skills and raise my editorial level through this experience. The white paper includes a little of all the know-how accumulated throughout the internship.

My ultimate goal is to work in the strategy of Information Systems (IS). For this, we need a strong dual competence (Business Management and Information Technology), especially if you want to integrate in a big firm.