7 April 2026

Executive Data: What if Your Biggest Cybersecurity Blind Spot Was Your Collaboration Tool?

The most sensitive data in any large organisation is not the kind that sits in hermetically sealed digital vaults. It is the kind that circulates every week between board members and executive committees: acquisitions under negotiation, restructuring plans ahead of their public announcement, consolidated financial projections covering every entity in the group, deliberations of the Board of Directors on highly confidential matters. This information, the most sought-after, the most exploitable by a competitor or a foreign state, passes in the vast majority of cases through tools that were never designed to protect it.

This reality raises a straightforward question that every CIO or CISO of a large organisation should be asking: do the most strategically sensitive exchanges in the organisation benefit from a level of protection commensurate with their sensitivity, or are they treated like any other internal data, hosted on the same tools, exposed to the same risks?
 

Executive Data: The Most Exposed and Least Protected Target

 
There is a profound irony in the way large organisations manage information security. Industrial systems are hardened, database access is logged, employee devices are subject to strict MDM policies, and yet the Group Chief Executive sends the minutes of the last Audit Committee by email to the board, via a messaging platform whose data is hosted in the United States.

The NCSC’s 2025 Annual Review makes clear that cybersecurity is now critical to business longevity and success, with the organisation’s chief executive warning that business leaders can no longer treat it as a matter for technical staff alone. The targeting of senior executives and board-level data is far from random: according to CrowdStrike, the most common targets of cyber espionage include large corporations and senior executives, with cyber spies specifically seeking out strategic intentions ahead of public announcements, consolidated financial data, and exchanges between board members, precisely the information that flows through executive communication channels every week.

The threat actors behind these operations are not opportunistic. The NCSC has identified China, Russia, Iran and North Korea as primary actors in sophisticated cyber operations targeting UK organisations, with the number of nationally significant incidents handled by the NCSC more than doubling in the past year, driven in significant part by state-sponsored espionage campaigns aimed at extracting strategic and commercial intelligence. In this context, the relevant question for any large group is no longer whether it will be targeted, but whether its most sensitive data is structurally protected against an intrusion discreet enough not to trigger any alert.
 

The Specific Challenge of Multi-Entity Groups

 
For large groups structured around an umbrella brand with numerous autonomous subsidiaries, the challenge takes on an additional dimension. Strategic data does not concern the holding company alone: it spans transversal perimeters involving decision-makers distributed across multiple legal entities, multiple countries, multiple governance cultures and often widely varying levels of cybersecurity maturity from one entity to the next.

This dispersion generates specific risk surfaces that deserve to be named clearly. Exchanges between group leadership and subsidiary directors frequently pass through consumer-grade messaging tools or non-certified platforms, in the absence of a shared dedicated infrastructure. Shared workspaces between the holding and its subsidiaries are generally poorly compartmentalised, meaning that a compromise in a peripheral subsidiary can open a pathway to the group’s consolidated data. Board and executive committee members sometimes hold mandates across several subsidiaries and use different tools depending on the entity, multiplying uncontrolled points of contact. Legal, financial and HR departments across the different entities exchange highly confidential information without any dedicated infrastructure, outside any formalised traceability framework.

This lack of coherence in access management and communication spaces is precisely what sophisticated attackers look for. As Whaller’s analysis of digital dependencies highlights, the Digital Workplace has become a major potential point of failure, including when that failure takes the form of a targeted intrusion rather than a technical outage.
 

Why Standard Collaboration Tools Are Not Sufficient

 
The instinctive response of many IT departments is to point towards the tools already deployed across the organisation: Microsoft 365, Google Workspace, Slack, Teams. These platforms are efficient, familiar, and offer a level of functional security that satisfies the majority of everyday use cases. They present, however, a structural limitation that CIOs and CISOs know well: they are all subject to extraterritorial American legislation. The Cloud Act and FISA allow US authorities to compel any American company to hand over data it holds, wherever in the world that data is stored. Contractual clauses, ISO certifications and data centres located in Europe cannot change this legal reality. For data that falls under trade secret law, the fiduciary obligations of directors, or the requirements of the Market Abuse Regulation concerning privileged information, this level of exposure does not correspond to an acceptable risk posture, not on ideological grounds, but on the basis of a straightforward legal and operational risk analysis.

Cyril Bras, Head of Cybersecurity at Whaller, summarises the issue clearly:

“At Whaller DONJON, there are no grey areas. Your data is sovereign from infrastructure to software. It is demanding, but it is the only way to offer a genuine alternative to the US tech giants.”

A further blind spot frequently underestimated: even among providers that claim certified hosting, many only qualify the infrastructure layer at SecNumCloud level, without the application software itself carrying an equivalent qualification. This creates a grey zone in which data is no longer protected end-to-end, leaving a window of exposure precisely where the chain of trust should be at its most robust.
 

Whaller DONJON: A Trusted Infrastructure for the Most Sensitive Exchanges

 
Whaller DONJON addresses this problem not as another productivity tool in an already dense information system, but as a trusted infrastructure dedicated to exchanges that cannot afford the slightest security compromise. The first and only French collaborative platform to achieve SecNumCloud 3.2 qualification from ANSSI (French national cybersecurity agency) by “composition”, it offers a dual layer of sovereignty covering both the infrastructure (IaaS OVHcloud, SecNumCloud-qualified) and the application software (SaaS Whaller DONJON, SecNumCloud-qualified), without any grey zone or exposure to a foreign jurisdiction at any level of the technical chain.

For the CIO or CISO of a large group, this architecture translates into concrete capabilities. Sealed spheres allow the creation of physically isolated spaces for each governing instance (group executive committee, subsidiary management committees, Board of Directors, Audit Committee, Risk Committee), with access rights defined at the level of each sphere, without access granted in one instance ever propagating to another. End-to-end encryption of communications and documents, ensured by the Cryptoner technology, guarantees that neither Whaller’s servers nor its teams can access exchanged content. Passwordless strong authentication, via the AuthSezam partnership with its multifactor biometrics reinforced by an AI anti-fraud module, meets the requirements of the most sensitive environments. Digital watermarking of documents allows the precise identification of the origin of an information leak and creates a dissuasive traceability mechanism. Comprehensive logging of access and actions fulfils audit obligations and regulatory compliance requirements (GDPR, NIS2). Hosting is physically dedicated per client, with no data pooling between organisations.

For multi-entity groups, the sphere architecture faithfully reproduces the group’s governance structure: a sphere dedicated to transversal exchanges between the holding and its subsidiaries, separate spheres for each governing instance, with rights adjustable in real time according to the mandates and perimeters of each member.
 

Situations That Justify Deploying a Dedicated Sovereign Space

 
Several recurring configurations lead organisations to seriously consider the need for a dedicated digital space for executive data. An internal or external audit may have identified board-level exchanges as a weak point in the risk mapping, without the existing tools being capable of addressing it adequately. A confidential operation (merger and acquisition, fundraising, restructuring) may require isolating a restricted group of decision-makers for the entire duration of the project, with the certainty that exchanged information cannot be intercepted or leak outside the defined perimeter. A regulatory or governance requirement may also demand a documented and auditable level of protection, whether DORA for the financial sector, NIS2 for operators of essential services, or the fiduciary obligations of directors towards their principals.

In all these configurations, the answer sought is the same: a digital space in which the organisation’s most sensitive data can exist, circulate and be shared with full confidence, between executive committee members, between group leadership and subsidiary directors, between directors and their advisers, without depending on the integrity of an infrastructure governed by foreign law.
 

Integration Designed for Complex Information Systems

 
The integration question is consistently at the heart of conversations with IT departments in large groups: how can a new solution be deployed in an already dense environment, without creating additional friction, dependency or organisational resistance? The answer lies in the philosophy of the solution itself. Whaller DONJON is not designed to replace the existing information system: it complements it by creating a sovereign layer dedicated to sensitive exchanges, independent of the other systems in place. The platform is physically dedicated to each client, accessible via a specific URL, and can operate in private cloud mode via an IPSec VPN connection for environments subject to the most stringent constraints.

Integration with existing business tools is possible via Whaller’s open APIs, allowing the platform to connect to HR information systems, corporate directories or document management tools, without compromising the confidentiality of sensitive data. For groups wishing to extend the approach beyond the executive committee alone, the same infrastructure can progressively accommodate sensitive project teams, legal departments, M&A teams and audit committees, each in its own sphere, with its own defined access rights, without ever exposing one instance’s data to another’s members.
 

Protecting Executive Data as a Governance Matter

 
The risk of economic espionage, theft of strategic data or compromise of privileged information no longer concerns only public institutions or formally regulated sectors. The NCSC has warned that attacks by state actors, cybercriminals and hacktivists are increasingly targeting UK organisations of all sizes, with one in three CEOs now citing cyber espionage and the theft of sensitive information or intellectual property as a top concern, according to the World Economic Forum 2025. This threat concerns every large group whose executive data holds commercial value for a competitor, a foreign state or an organised criminal group.

Protecting executive data is, in this respect, a governance matter as much as a technical security question. It raises the issue of directors’ responsibility towards their shareholders, fellow board members and stakeholders. Having a sovereign infrastructure dedicated to board and executive committee exchanges is not one more precautionary measure to add to a cyber roadmap: it is a governance decision that acknowledges that certain information warrants a qualitatively different level of protection from that applied to the rest of the information system.

Are you a CIO or CISO at a large group and would like to examine how Whaller DONJON can address your executive data protection requirements? Our teams are available to discuss your needs.
 
