Illustration des problématiques liées à l'intégration de logiciels non maitrisés (23 novembre 2022)

The report warns that foreign regulatory frameworks that require use of specific, mandated business software can introduce significant security risks: these products may contain backdoor-like features or be abused as supply-chain entry points (citing June 2020 disclosures and the NotPetya 2017 incident). It recommends isolating and dedicating a controlled environment for such software and provides mitigation guidelines to limit the impact of associated threats.