The Games Behind the Games

Cybersecurity, Trust and the Hidden Architecture of Sport

BrandIndia Exclusive — From VivaTech 2026 to a conversation with Clément Migeon, Director of the Cybersecurity Division of the CNOSF, France’s National Olympic and Sports Committee

On Day 2 of VivaTech 2026, our focus was cybersecurity and digital sovereignty. Through Kaushik’s movement across the floor, BrandIndia.fr followed the subject from several angles: GovTech and the democratic organisation of public-sector meetings; Aikido Security and the prevention of software vulnerabilities; the EU–India discussion on sovereign digital infrastructure; Publicis/Razorfish’s warning that AI-generated content may weaken trust even as it accelerates production; and Bpifrance’s reminder that cybersecurity must now be built from the first line of code.

The day left us with one clear impression: technology is opening new possibilities, but it is also creating the very complications that institutions must now learn to govern.

This is where cybersecurity becomes more than a technical issue. It becomes a question of public trust, democratic resilience and human responsibility. If digital sovereignty is discussed on stage, it is tested inside real institutions especially in sport, where millions of people gather, watch, travel, pay, connect and believe in the same shared moment.

To understand what this means beyond rhetoric, I turned to Clément Migeon, Director of the Cybersecurity Division of the CNOSF, France’s National Olympic and Sports Committee, for a candid conversation on Paris 2024, ransomware, supply chains, AI-enabled threats, crisis management and the human factor.

I was not sure the interview would be possible. His schedule was tight, the subject is sensitive, and we are living through a period where cybersecurity, institutional reputation and information warfare constantly overlap. There are also limits to what can be said publicly, and rightly so. But precisely because of those limits, it felt necessary to ask direct questions and receive answers from someone who had lived the Olympic cycle from inside a sporting institution.

I did not want to approach cybersecurity only through the usual heavy strategic vocabulary, the kind often associated with national agencies, defence structures or high-level cyber doctrine. Those dimensions matter deeply. But sport offers another entry point. It speaks to everyone. It is public, emotional, democratic and massively followed. It allows us to understand cybersecurity not only as a matter of State protection, but as a matter of everyday trust.

An empowered citizen today helps create a more resilient society tomorrow. And resilience begins when complex subjects are made understandable without being reduced to slogans.

This interview is therefore not only a technical exchange. It is part of a legacy design: to understand what Paris 2024 transmitted, what remains fragile, and how major public events can continue to stay open in a world where openness itself has become a security challenge.

Interview with Clément Migeon

Director of the Cybersecurity Division of the CNOSF, France’s National Olympic and Sports Committee

Writtwik: Thanks a lot Clément for agreeing to do this interview with me today. In your view, what was the main cybersecurity challenge during the Olympic cycle: protecting infrastructure, coordinating between stakeholders, or human vulnerability?
Selon vous, quel a été le principal défi cybersécuritaire durant le cycle olympique : la protection des infrastructures, la coordination entre acteurs ou la vulnérabilité humaine ?

Clément: For the National Olympic Committee of a country hosting the Games, the first challenge is certainly dealing with a cyber threat that can be disproportionate. For many external actors, we are often associated with the organising committee, whereas our actions are completely different, as are our resources.

Writtwik: Ransomware attacks now affect entire ecosystems. How does an institution such as the CNOSF prepare for a scenario in which sporting operations themselves could be disrupted?
Les attaques par ransomware touchent désormais des écosystèmes entiers. Comment une institution comme le CNOSF se prépare-t-elle à un scénario où les opérations sportives elles-mêmes pourraient être perturbées ?

Clément: Ransomware attacks are indeed very present. With the help of ANSSI and private partners, we managed to move into a resilience-oriented approach ahead of the Paris 2024 Games. We segmented our information systems and strengthened our backup policy so that we would be able to resume activity, even in degraded mode. Cyber crisis exercises were also organised to prepare all CNOSF business teams as effectively as possible.

Writtwik: Major sporting events depend on a considerable number of subcontractors and digital service providers. Is the supply chain now the main point of cyber fragility?
Les grands événements sportifs reposent sur un nombre considérable de sous-traitants et de prestataires numériques. La chaîne d’approvisionnement constitue-t-elle aujourd’hui le principal point de fragilité cyber ?

Clément: Yes, clearly. Supply-chain attacks are now one of the main attack vectors. Within this chain, the CNOSF itself acted as a partner of the Paris 2024 Organising Committee, and in that capacity we remained vigilant and worked in collaboration with them.

Writtwik: Are generative artificial intelligence tools for instance deepfakes, automated phishing, synthetic identities already changing your perception of the cyber threat?
Les outils d’intelligence artificielle générative — deepfakes, phishing automatisé, identités synthétiques — modifient-ils déjà votre perception de la menace cyber ?

Clément: It is obvious that AI tools play a major role in current cyber threats. Increased awareness among our staff regarding the detection of phishing, or any other attack of this type, plays a predominant role in this area. Other cybersecurity tools integrating AI are beginning to emerge and are very promising.

Writtwik: What did cooperation with French cybersecurity institutions teach you about crisis management during a highly visible international event?
Que vous a appris la coopération avec les institutions françaises de cybersécurité sur la gestion de crise lors d’un événement international à très forte visibilité ?

Clément: The support provided by French State services in the field of cybersecurity was extremely valuable to us. Thanks to them, we were able to carry out a half-day cyber crisis exercise that brought together all CNOSF functions likely to be affected by an incident.

Writtwik: In your experience, what remains the most complex challenge today: technology, governance or the human factor?
Dans votre expérience, quel reste aujourd’hui le défi le plus complexe : la technologie, la gouvernance ou le facteur humain ?

Clément: Technology is, paradoxically, the most manageable part: it has a budget, a roadmap and solutions. The real knot lies between governance and the human factor, and the two are linked. Governance, because a common requirement has to be kept alive across different business departments, without direct hierarchical authority over most of them. The human factor, because no technical system can sustainably compensate for a click, a shared password, or vigilance that fades once the event is over. If I had to choose, I would say that the human factor is the most difficult risk to reduce over time, because it has to be constantly maintained. It requires a great deal of pedagogy and support.

Writtwik: Has Paris 2024 permanently transformed the cybersecurity approach of French sporting institutions, or is there a risk of loss of momentum after the event?
Paris 2024 a-t-il durablement transformé l’approche cybersécuritaire des institutions sportives françaises ou existe-t-il un risque d’essoufflement après l’événement ?

Clément: Paris 2024 primarily made it possible to pass on a cyber approach to a number of institutions and to spread good practices. Now, the results sometimes take time to become visible, as some systems carry significant technological debt, and sport remains mainly focused on the human dimension.

Writtwik: Thank you Clément.

Clément: Merci beaucoup Ritt!

Editorial Note

Clément Migeon’s answers are presented here within the limits of what can reasonably be discussed in a public forum on cybersecurity. The objective is not to disclose operational details, but to understand the broader lessons of Paris 2024 for public trust, institutional resilience and the future of major sporting events.

His responses underline one essential point: cybersecurity is not only a matter of technology. It is also a question of proportion, governance and human behaviour. An institution may not be the main organiser of an event, yet it can still be perceived as part of the target. It may not operate like a defence agency, yet it must increasingly adopt reflexes of strategic resilience: anticipation, segmentation, backup, crisis exercises, coordination with State actors and continuous awareness. In my opinion, this is where VivaTech 2026 and the CNOSF interview converge.

On the exhibition floor, the language was innovation: AI, digital sovereignty, cybersecurity by design and trusted infrastructure. In the CNOSF interview, I wanted in a way that the language becomes operational: ransomware, supply-chain exposure, technological debt and the human factor.

The challenge is not to turn sport into a fortress. It is to make sure that people can still gather, watch, travel, celebrate and trust what they see without turning openness into an invitation to collapse.

Acknowledgements and Methodological Note

• This interview would not have been possible without the support and encouragement of Christophe Moreaux, CFO of the CNOSF, whose openness helped make this exchange possible.
• I am also grateful to sources familiar with the French cybersecurity ecosystem, including institutional perspectives linked to ANSSI, France’s national cybersecurity agency. Their insights helped me better understand, within the limits of a journalistic and non-technical inquiry, the challenges of trust, resilience and digital vulnerability.
• Special thanks to Kaushik Kalyan Kotte, who moved across the VivaTech 2026 floor on 18 June, from stand to stand and session to session, collecting field observations, event notes and daily inputs on cybersecurity, digital sovereignty and AI governance for BrandIndia.fr.
• ChatGPT Pro by OpenAI was used as an analytical support tool for text alignment, semantic structuring, terminology refinement, synthesis of complex arguments and simplification of technical concepts for a broader readership. The editorial framing, interview questions, interpretation, final selection and publication responsibility remain entirely with BrandIndia.fr.