Éric Singer, CISO at Ingenico, a craftsman of digital trust

An encryption software tinkered on cassette at age 14, smart cards dissected under a microscope, thirty years navigating between code, strategy and crisis management: Éric Singer’s career is defined by a continuous exploration of the digital world’s weaknesses and strengths. Today Global Chief Security Officer at Ingenico, he defines himself with three words — trust, value, resilience — and claims a role as a bridge-builder between risk and performance.

“My job is to give the company an appetite for risks.” The phrase surprises, but it sums up his philosophy. For Éric Singer, a CISO is not there to frighten but to enlighten. “The company must understand its risks, and know how to accept or refuse them knowingly.” At Ingenico, he speaks directly with the executive committee: defining threats, strategies, but above all involving leaders in remediation.

From magnetic tape code to strategic security

His first computer: an Oric.
His first program: a password generator stored on a cassette. “It didn’t work, of course, because this computer didn’t have floppy disks,” he smiles. It was 1983. No Internet, very few personal computers, and yet already the intuition that security would become a major issue.

After a master’s degree in security, he started his career in a company specialized in smart card evaluation. Under the microscope, he tested buffer overflows and collaborated with the pioneers of electronic payment. A school of precision, endurance and patience.

From smart cards to enterprise systems, his path widened. Éric Singer then moved into very different environments: ANSSI, Galeries Lafayette, Schneider Electric, Orano, consulting firms and even an engineering school where he created a cybersecurity program. Everywhere, the same conviction remained: security is not limited to technology. “I’ve always liked understanding how systems work, but above all how humans interact with them. Security is all about people.”

Transforming without scaring

He laughs about it today but admits he was wrong at the beginning: “I used to scare people.” Time and experience taught him that a good CISO doesn’t brandish threats — he builds trust. “Many think you need to frighten to be heard. It’s the opposite: you need to reassure.” His approach relies on an assumed leadership: firmness in decisions, but respect in interactions. “You can’t lead security if you can’t lead people. Being a CISO means being both a teacher and a captain.”

On the front line

Three attacks marked him like milestones: WannaCry and NotPetya in 2017, which pushed cybersecurity into boardrooms; Stuxnet, symbol of borderless cyber-geopolitics; and above all, the first ransomware he experienced from the inside.

“I was stunned. I didn’t know what to do.” The admission is not weakness — it’s a lesson in humility. That day, he understood that cybersecurity is not a technical field, but a human territory, crossed by fear, solidarity and time pressure.

Since then, he describes his team as a collective of digital defenders, held together by trust and calm. Women and men “trained in the storm,” he says, for whom every crisis is shared learning.

From technology to governance: the two faces of the CISO

The risk that worries him today is no longer that of isolated hackers, but a more insidious one: complacency. “Poor digital hygiene is the first threat.” Patching, awareness, repeating simple practices — that’s where most of the battle lies.

And tomorrow? Éric Singer envisions a profession split in two: an operational CISO, the crisis fighter, and a governance CISO, strategist of risk and compliance. The arrival of new regulations — DORA, NIS2, the AI Act — already imposes this evolution.

Reconciling cybersecurity and digital sobriety

If he could change one thing with a magic wand, it would be human attention. “The threat is behind the keyboard. If everyone were a bit more vigilant, we’d need fewer protections.” A form of reasonable vigilance, not paranoia.

And a broader reflection: “We should consume digital services the way we consume energy: reasonably. Cybersecurity is also that — learning not to keep everything, not to store everything.”

The craftsman of connection

Against the cliché of the hooded geek, he claims the posture of an enabler, a facilitator. “People see us as controllers, but we are here to listen and help.”

His ambition: to show that security can be collaborative and inspiring.

A reader of Countdown to Zero Day on the Stuxnet affair, a regular of the ANSSI MOOC and podcasts such as Darknet Diaries, he encourages his teams to draw on human stories, not just dashboards.

And if he weren’t in cyber? He would play guitar, do yoga and cultivate connections with people to improve society… an almost peaceful image, counterintuitive. “I love digital technologies, but I want to keep a connection with the real world.” Perhaps this is his final conviction: cybersecurity is not just an invisible barrier — it is a modern philosophy of connection.