Article published on November 13, 2025 on INFORMATIQUE NEWS
Managing a cyber crisis in 2025: a new paradigm
The annual cost of cybercrime in France has soared to over 100 billion euros by 2024, according to the latest estimates from Statista, which put the cost at 129 billion US dollars (around 119 billion euros). At the same time, 22% of private-sector employees now telecommute at least once a month, according to INSEE. This profound transformation of the world of work is fundamentally redefining traditional approaches to crisis management.
In this unprecedented context, companies face a major challenge: how to maintain an effective response to cyber crises when their teams are geographically dispersed? The answer lies in the evolution towards distributed crisis cells, capable of operating efficiently and independently of the physical location of their members.
Cyber attacks in Europe: the escalation continues
2024-2025: numbers that shake things up
According to the 10th CESIN (Club des Experts de la Sécurité de l’Information et du Numérique) barometer published in January 2025, phishing remains the main attack vector, affecting 60% of victim companies, followed by vulnerability exploitation (47%) and denial-of-service attacks (41%). Even more worrying, 47% of European companies suffered at least one successful cyber attack in 2024.
This latest edition of the CESIN barometer also reveals a growing concern: 72% of companies say they are prepared to detect a cyber attack, but only 54% say they are prepared to respond. This disparity reveals a critical flaw in current crisis management systems, particularly problematic in a hybrid working environment where coordination is becoming more complex.
Hybrid working: security reinvented
Hybrid working is being adopted on a massive scale in France. According to INSEE, in the first half of 2024, 22% of private sector employees teleworked at least once every four weeks, with an average intensity of 1.9 days per week. Sector studies show that 47% of French companies have integrated telecommuting into their operations, representing a major structural change since the health crisis.
This structural evolution multiplies attack surfaces and complicates the monitoring of information systems. Companies now have to manage cyber incidents involving employees connected from home, coworking spaces or on the move, making traditional crisis management approaches based on physical presence in a single location obsolete.
Why traditional models are showing their limits
The trap of centralized cells
Traditional crisis cells, designed to operate in a traditional office environment, present several vulnerabilities in a hybrid context:
Geographical dependence: The need to physically bring together cell members can considerably delay the response to an incident. In the event of a cyber attack, every minute counts to limit propagation and minimize impact.
Single point of failure: A centralized crisis unit can itself be compromised if the company’s physical or digital infrastructure is affected.
Complex coordination: Coordination between different strategic and operational levels becomes more difficult when teams are dispersed.
The new risks of remote working
Teleworking introduces specific risks that companies need to anticipate. According to cybersecurity research data, data breaches result in an average annual loss of $9.48 million in the United States, and Internet users are particularly exposed to phishing and social engineering scams in distributed work environments.
Home networks, which are less secure than corporate infrastructures, become potential entry points for attackers. In this context, a distributed approach to crisis management becomes not a choice, but a necessity.
Distributed crisis unit: the essential evolution
The pillars of a distributed organization
A geographically distributed crisis unit rests on several essential pillars:
Geographical redundancy: It is recommended to “decentralize and relocate the crisis unit so that it can be accessed independently of the company’s infrastructure”, according to ANSSI recommendations. This approach guarantees operational continuity even if the main site is compromised.
Secure communication: Cell members must be able to communicate in real time via encrypted, redundant channels, enabling effective coordination despite distance.
Decentralized access to critical resources: information essential to crisis management must be accessible from any geographical point, while maintaining a high level of security.
Changing the composition of the cell
Traditionally, the crisis team should include the CISO, if there is one, as well as an ISS stakeholder. The head of the company or a member of Comex, the head of communications, someone from risk or compliance and, if possible, from legal affairs are also included.
This traditional composition needs to be adapted to include experts capable of operating effectively at a distance and coordinating geographically dispersed teams.
The technologies that make this model possible
Communicate in real time, anywhere
Modern crisis management solutions integrate instant messaging, videoconferencing and real-time collaboration functionalities. These tools virtually recreate the coordination environment required for an effective response.
The advent of SaaS platforms specialized in crisis management has democratized access to these advanced technologies, enabling companies of all sizes to deploy professional solutions without heavy investment in infrastructure.
Encrypt, protect, secure
Integrated encryption is becoming an absolute prerequisite for any distributed crisis management solution. Communications between cell members must be protected against interception and manipulation, particularly critical during a cyber attack.
Simulate and train an exploded cell
Preparation is based on regular training. According to the CESIN 2025 barometer, 62% of organizations carry out cyber crisis exercises to reinforce their resilience. Modern platforms make it possible to run crisis simulations involving geographically dispersed teams, essential for validating the effectiveness of distributed procedures.
How to switch to a distributed approach
The essential steps
Geographical risk analysis: Identify specific vulnerabilities linked to the dispersion of teams and adapt procedures accordingly.
Selection of appropriate technologies: Choose solutions offering high availability (ideally 99.99%) and minimum response times to guarantee responsiveness in crisis situations.
Team training: In particular, staff can benefit from new training to recognize cyber threats and adopt the right reflexes, especially in a distributed working environment.
Human and organizational obstacles
The transition to a distributed approach requires a significant cultural transformation. Companies need to rethink their decision-making processes and adapt their coordination methods to maintain efficiency despite distance.
The advantages of a distributed crisis unit
A major gain in resilience
A distributed crisis cell offers superior resilience to attacks targeting the company’s physical infrastructure. This approach maintains response capability even if the main site is compromised.
Faster, smoother response
The ability to immediately activate the crisis unit, regardless of the location of its members, significantly reduces response times. This rapid response is crucial to limiting the spread of a cyber attack.
Adapting to new ways of working
The distributed approach naturally aligns with the expectations of modern employees. 63% of French people prefer a job offering the possibility of working from the location of their choice, and this flexibility must extend to crisis management arrangements.
What the future holds
AI as a strategic gas pedal
Artificial intelligence is making strong headway within cybersecurity teams, used by 69% of companies according to the CESIN 2025 barometer. The integration of AI into distributed crisis management platforms is opening up new perspectives. These technologies can automate certain coordination tasks and provide real-time analysis of the situation, supporting decision-making by dispersed teams.
Standardization as a key factor
The move towards common standards for distributed crisis management will facilitate coordination between different organizations, particularly important in the context of attacks targeting supply chains.
Towards a new era in crisis management
The emergence of hybrid working as a structural norm is forcing a revolution in cyber crisis management approaches. Companies that know how to adapt their systems to operate effectively in a geographically distributed environment will have a decisive competitive advantage.
“You can’t improvise responses in the middle of a disaster! Preparation, tools and training are essential to maintain activity in the event of a cyber attack”, emphasizes Guillaume Poupard, former Director General of ANSSI, in the guide “Crise d’origine cyber, les clés d’une gestion opérationnelle et stratégique”. This preparation must now include the geographical dimension as a central element of the resilience strategy.
Investment in the right technology solutions, combined with thoughtful organizational transformation, will enable companies to turn the challenge of hybrid working into an opportunity to strengthen their resilience in the face of growing cyber threats.
In this changing context, next-generation crisis management platforms, integrating secure communication, distributed processes and simulation capabilities, are becoming essential strategic tools for successfully navigating the complex cyber ecosystem of 2025.
PanicSafe: The SaaS solution for distributed crisis management
In response to the challenges identified in this article, PanicSafe proposes an innovative approach to cyber crisis management in a hybrid work environment, offering a complete ecosystem for geographically distributed crisis management.
Decentralized, resilient architecture: PanicSafe enables organizations to instantly deploy operational crisis cells, independently of their physical infrastructure. The solution guarantees operational continuity even if the main site is compromised, in line with the principle of geographical redundancy recommended by cybersecurity experts.
Integrated functions for hybrid working:
- Secure, encrypted communication between geographically dispersed members
- Multi-site coordination with real-time dashboards
- Training and simulation modules for team training
- Structured decision-making processes adapted to the constraints of teleworking
The platform directly facilitates the implementation of ANSSI guidelines, providing companies of all sizes with a professional crisis unit that complies with current security standards and is perfectly adapted to the realities of hybrid working.
Main sources
- Statista – The cost of cybercrime soars in France
- INSEE – Telecommuting and face-to-face work: hybrid work, a practice now firmly established in companies
- IT for Business – 10th CESIN barometer: Cyberattacks and resilience
- OpinionWay – Corporate cybersecurity barometer – 10th edition
- Hello Workplace – France 2024 telework figures
- SFR Business – Teleworking: review and outlook
End of article
Discover the latest articles
- 18/11/2025 – 📰Cyber crisis and hybrid work: the distributed organization as the new standard
- 21/10/2025 – [Press release 📣] JOCX partnership
- 29/09/2025 – 📰 Why ISO 27001 without effective crisis management remains an empty shell
- 22/09/2025 – 📰 Cyber crisis: Why 46% of companies fail in their collaborative response (and how to avoid it)
- 09/09/2025 – 📰 Backup mail server in cyber crisis: the illusion that can cost you dearly
- 04/09/2025 – Dream On Technology wins EcoVadis 2025 silver medal: a milestone for our young venture
- 26/06/2025 – 📱 PanicSafe 1.6: Continuous innovation in crisis management
- 23/06/2025 – [Press release 📣] Dream On Technology raises 1.3 million euros to revolutionize crisis management with artificial intelligence
- 23/06/2025 – [Press release 📣] Nailer partnership
- 12/06/2025 – Dream On Technology enters Wavestone x Bpifrance’s Cybersecurity Radar 2025