New year: what are your cybersecurity resolutions?
The new year gives us a chance to ask ourselves a simple, honest question about cybersecurity: am I ready for the digital world as it is today, or as I wish it were?

December 2025 was a dark month for cybersecurity in France.
A massive breach of files linked to the national police, threats to leak sensitive data, a leak of personal data at Leroy Merlin, attacks on universities such as Lille exposing student data... The incidents piled up at an alarming pace.
These events are a reminder of a simple but uncomfortable reality: no one is safe.
Not public institutions.
Not big companies.
Not ordinary citizens.
Digital tools, so convenient day to day, can tip into nightmare very fast. And it is precisely in this context that the new year comes at just the right moment to rethink our habits.
Every January, it is the same ritual.
We promise to hit the gym.
To eat better.
To scroll less.
And then there is everything else.
What we put off.
What we do not see.
What we would rather believe is "under control".
Cybersecurity is one of those blind spots.
Not because the subject is complicated.
But because it is invisible... until the day it suddenly becomes very concrete.
A bank card blocked.
An account hacked.
An email sent "by you" that you never wrote.
Personal data circulating without your knowing where, or why.
The new year gives us a chance to ask ourselves a simple, honest question:
am I ready for the digital world as it is today, or as I wish it were?

First resolution: stop believing that "it only happens to other people"
This is the most important one.
And also the most uncomfortable.
Most victims of cyberattacks are neither careless, nor naive, nor "bad with computers".
They are normal. Busy. Trusting. Tired.
Modern attacks no longer look like crude scams.
They look like everyday life.
A credible message.
A well-written email.
A request that arrives at just the right moment.
Accepting that no one is too small, too under the radar or too insignificant to be targeted is already a form of protection.
The incidents of late 2025 proved it: when even the police, universities or big retail chains get exposed, the "I have nothing worth stealing" argument no longer holds.
Second resolution: take back control of your accounts
We collect accounts the way we collect keys... without ever taking stock.
Emails, social networks, banks, streaming platforms, work tools, government services.
Every account is a door.
And far too often, those doors are poorly locked.
Change your critical passwords.
Stop reusing the same one everywhere.
Turn on two-factor authentication where it exists.
These are not dramatic gestures.
But they are the ones that make the difference between a contained incident and a total disaster.

Third resolution: stop confusing convenience with security
Digital tools have got us used to ease.
One click. A saved memory. A password stored "for later".
Except that convenience is often the silent enemy of security.
Saving your passwords everywhere.
Trusting your browser blindly.
Using the same device for everything, with no separation.
Taken individually, these choices seem harmless.
Added up, they create an enormous attack surface.
The massive leaks seen in recent months show just how much a small weakness can have big consequences.
Being secure is not about living in fear.
It is about accepting that every shortcut has a price, even if it is invisible at first.
Fourth resolution: stop delegating your vigilance to tools
Antivirus software, filters, artificial intelligence, "smart" services.
All of it is useful.
But none of it thinks for you.
Tools assist.
They do not replace judgment.
A message can slip past every filter and still be dangerous.
A request can be technically legitimate and humanly suspicious.
Cybersecurity always starts with a simple question:
does this situation make sense?
Fifth resolution: understand before you suffer
Most people simply endure the digital world.
They use tools they do not understand.
They accept terms they do not read.
They adapt after the fact.
Changing that does not require becoming an expert.
Just understanding the basic mechanisms:
how you are manipulated, how you are rushed, how you are pushed to click.
This is exactly the approach I wanted to convey in Être en cybersécurité.
Not a technical book.
A book about clear-sightedness.
Because the first firewall is not a piece of software.
It is your ability to recognize an abnormal situation.
The best resolution: stop putting it off
Incidents always come "at the wrong time".
When you are rushed.
Tired.
Already too busy.
Cybersecurity works the other way around:
what protects you are the decisions made before the problem.
Not after.
The new year is not a magic promise.
But it is a starting point.
Not to become perfect.
Just to become a little more aware.
And in a world where attacks are increasingly credible, automated and invisible,
being aware is already a form of protection.
Questions fréquentes
Why should I feel concerned if 'I have nothing worth stealing'?
The incidents of late 2025 (police, universities, big retail chains) show that even the best-resourced players are exposed. Modern attacks look like everyday life and target normal people who are busy and trusting.
What concrete steps can I take to regain control of my accounts?
Change your critical passwords, stop reusing the same one everywhere, and turn on two-factor authentication where it is available. These simple steps make the difference between a contained incident and a disaster.
Are security tools enough to protect me?
No. Antivirus software, filters and AI are useful but do not replace judgment. A message can slip past every filter and still be dangerous; cybersecurity starts with the question: does this situation make sense?
Do I need to become an expert to be secure?
No. You only need to understand the basic mechanisms: how you are manipulated, how you are rushed, how you are pushed to click. The first firewall is not a piece of software but the ability to recognize an abnormal situation.

Être en cybersécurité
Une feuille de route cyber en clair, pour tout le monde, pas seulement les experts.
