Europe, Security, Resilience and Quality: the winning strategy for EBRC

Yves Reding, CEO, EBRC
By M. Renotte 22/08/2022
Banking, Insurance & Fintech
Health & Life Sciences
Public Sector & European Institutions
Defense & Space
Technology & Software Providers
Energy, Logistics & Industry

An interview with Yves Reding CEO, who will be handing over EBRC to Sébastien Genesca after 22 years as its C.E.O.

For more than 22 years, EBRC, with an ambitious European vision, has been advocating an integrated approach to resilience and cyber-resilience that companies must adopt in the face of the risks that threaten them. The specialist in the protection and management of sensitive information also celebrated its 20th anniversary in July 2022 - two years late due to the health crisis - while inaugurating its new headquarters in Leudelange. We spoke to Yves Reding, CEO of EBRC.

TS: What is your assessment of EBRC's performance over the last few months?

YR: In 2021, we achieved a turnover of 113.8 million Euros, including the results of our French subsidiary Digora. This represents a growth of 15% compared to the previous year. Over a period of five years, we succeeded in achieving the ambitious goal set in 2015 of doubling not only our company's turnover, but also its client portfolio and, more generally, its efficiency.

EBRC was founded in June 2000 with a mission to provide Business Continuity services to its clients, an activity that represents less than 3% of current revenues. Today, each of the letters in our name EBRC (European Business Reliance Centre) sums up our strategy, in particular the E for 'European' and R for 'Reliance'. 

“Resilience has never been more at the heart of discussions”  

For the past two and a half years, several major events have followed one another. Successive waves of the COVID-19 pandemic began to hit our economies from March 2020. And now a new disaster threatens us, a war we thought we would never see again, taking place on European soil. I notice that resilience has never been mentioned as much as during this period, whether it is in reference to the attitude adopted further to the health crisis or the resilience of the Ukrainian people to the shock of the aggression they are suffering. 

TS: What do you see as the medium-term prospects for evolution?

YR: For the past 10 years, we have been energetically promoting the topics of Europe and Trust. For example, we launched our Trusted Cloud Europe offer in 2011. We are big advocates of the first topic but we have to admit that Europe missed the first wave of digitalisation, since it is the GAFAM and BATX - the Chinese equivalents of the American digital giants - that benefited the most. But a second wave is coming with the rise of IoT and connected objects. This second wave will be much more massive than the first and Europe cannot afford to miss it.

"Europe cannot afford to miss the second wave of digitalisation"

The European Union has understood this and took advantage of the COVID period to work towards building a true digital Europe based on European values. The conditions are being met so that our ambition - to become a European digital trust centre in the management and protection of sensitive information - can be achieved in this new European digital space that is currently under construction. 

TS: How is this digital Europe being built?

YR: Today, two approaches are being used. The first is a top-down approach implemented through the action of the European Commission which has launched major regulations and directives. In the first half of 2022, the Data Services Act and the Data Markets Act, which aim at regulating the European digital space, quickly passed the trialogue stage between the Parliament, the Council and the Commission and should enter into force in autumn 2022. The Commission proposed a first draft of the Artificial Intelligence Act in April 2021. And the Cyber Resilience Act as well as the Data Act, the Data Governance Act, the CyberSecurity Act should also be completed in the near future, without forgetting the NIS 2 directive, which regulates Operators of Essential Services and critical digital infrastructures, such as cloud providers.
 
From a bottom-up perspective, the ecosystem is undergoing an energetic awakening with Gaia-X. One of the goals of this project is to create a secure, federated, next-generation data infrastructure in Europe that ensures compliance with the principles of data sovereignty, interoperability, portability, openness, security and transparency. Officially launched on June 4, 2020, the project is managed by an international non-profit association under Belgian law. 

"Our objective is to prepare ourselves to achieve the ambition of Gaia-X"

Some twenty European cloud service providers are now organising themselves with the aim of accelerating the concrete implementation of Gaia-X compatible cloud services, a project of which EBRC was a founding member. The aim is not to build a new AWS, but to create a federation of cloud services with clear standards that meets the European values of sovereignty, interoperability, portability, transparency, auditability, openness and a whole series of principles that do not exist in the digital world today. Our desire is to participate in positioning Luxembourg as one of the capitals of the digital Europe of trust that is taking shape through the Gaia-X project. The objective is to prepare ourselves concretely to achieve the ambition of Gaia-X by conforming to the standards - called "labels" - of tomorrow's Gaia-X services.

Today, EBRC is a recognised operator in the field of data. However, data is meaningless on its own: it contains numbers, statements and characters in raw form. It is only when it is processed, organised, structured or presented in a certain context that data becomes useful. It is then called "information".

Our ambition is to go one step further and provide services for the management and protection of the information itself, i.e. what makes the actual value of the data. And this is precisely the role Gaia-X intends to play in the future

TS: What is your view on the evolution of threats to our societies and economies? 

YR: We live in a constantly evolving world where risk is changing in nature. “Black swan" events – events that are so rare that they are difficult to predict - are becoming more and more frequent, not to mention "unknown unknowns", i.e. risks that we don't know exist, that we don't know we don't know about (meta-ignorance). At EBRC, we are convinced that, tomorrow, any risk, and in particular any cyber risk, can materialise. The only unknowns are when it will happen and with what severity. It is with this mindset that we help our clients evolve in a world of unknowns. We live in an increasingly digital environment, which implies an increased exposure to cyber risks for critical players such as the healthcare sector, energy providers, and financial flow operators.

EBRC, whose sole shareholder is a public group, also aims to help build a trusted ecosystem with sustainable partners in order to build value and bring success to those who trust it. 

"A radical change is taking place towards greater quality and security"

In the business world - and digital is no exception - players differentiate themselves either by quality or by cost, the ideal being to provide high-quality products and services while managing to make the cost justified in the eyes of clients.
  
We believe that a sea change is taking place towards greater quality and security. As soon as the COVID-19 pandemic began, health service managers realised that they had lost control of the supply chains. Resilient systems are essential in such critical sectors. When digital is subject to cyber-attacks, as it was during the health crisis, it becomes clear that the focus must be on the long term. Trade-offs to achieve short-term results are a thing of the past. Those who persist in this frame of mind will be gone tomorrow.

 

TS: What elements allow you to confirm the relevance of your positioning? 

YR: In April this year, EBRC won the Excellence Cloud Europe Award for the "Europe" region awarded by BroadGroup in the framework of the Datacloud Global Awards 2022. Once again, Luxembourg's expertise was highlighted and our ambition to build a trusted ecosystem recognised. This award highlights our different positioning from that of global cloud providers, a positioning based on proximity, agility, security and quality at the service of critical operators who handle information that is sensitive in terms of both confidentiality and availability: banking institutions, FinTechs, RegTechs, healthcare players, biobanks, energy suppliers and national and international public institutions.

Our range of trust services now enables us to support our clients in a new digital world which is increasingly volatile, uncertain, complex and ambiguous, and which therefore presents growing risks.