Wednesday, October 12, 5:00 pm - 5:45 pm
How should the CISO be trained in soft skills? - Room Lifar
Over the last few years, the position of the CISO has changed a great deal, as have his/her missions and what the company expects of him/her. The CISO of 2022 must be a real "Swiss Army knife": managing teams, communicating at all levels of the organisation, talking to HR, presenting action plans to Comex, knowing how to convince... All these qualities and skills are not learned in engineering schools but throughout one's career. This round table will be an opportunity to examine how to acquire these soft skills and to identify the actors who can support CISOs in this process.
Moderator: Cécile Desjardins, journalist
Sabine Guiheneuf, CISO, Administrator, CESIN
Do innovations allow to face threats? - Room Genevoix
Faced with an extension of cyber risks and in a digital context that continues to accelerate, what can technological innovations bring today? What are the challenges for CISOs? How do they deal with these issues? And how can they remain "at the cutting edge" when there are strong budgetary, technical and human constraints?
After identifying what is meant by technological innovation in cyber, this round table will attempt to answer the many questions that CISOs ask themselves in order to understand how to integrate it into their roadmap.
Moderator: Jérôme Saiz, Business protection expert - OPFOR Intelligence
Sabine d’Argoeuves, IS/IT Corporate Security Manager, Danone
Thomas Anglade, Head of Data Science - OT security
Maxime Cartan, Co-founder & CEO, Citalid
Cyber insurance: what are the alternatives? (in collaboration with Amrae) - Room Poulenc
It is an understatement to say that for the past two years, the situation has been tense between insurers and companies regarding cyber risk. In its latest study, AMRAE (Association pour le Management des Risques et des Assurances de l'Entreprise) even points out that some large organizations have given up on insurance. And this, while the cyber risk is only increasing.
The reason: premiums are too high for customers, while insurers are struggling to find their business model and prefer to withdraw. In this context, what is the room for maneuver of the protagonists? How to evaluate the risk so that it is acceptable to all? What have companies that opt out of their insurance put in place? How can insurers add value to their offers? And how can we respond to the rating agencies?
Moderator: Florence Puybareau, Directrice des contenus et de la communication, DG Consultants
Gilles Berthelot, Directeur sécurité numérique groupe, SNCF
Philippe Cotelle, Head of Cyber Insurance Management of Airbus Defence & Space-Administrateur de l’AMRAE
Sébastien Heon, Cyber Solutions Deputy Chief Underwriting Officer Scor
Anne Cridlig, Head of Professional Indemnity & Cyber Département Financial Lines, Zurich Insurance
Geopolitics: what lessons can be learned from the current situation? - Room Bosio
Russia's invasion of Ukraine last February raised fears of an explosion of conflict-related cyber attacks in Europe. Although the catastrophic scenarios did not come true, this event nevertheless brought geopolitics to the forefront. In a few months, the subject has been invited to all boards and all committees of companies. CISOs are also concerned and must prepare themselves to face new digital threats. This round-table will examine the impact of this situation on companies, their adaptability to these issues and the position of CISOs.
Moderator: Mélanie Benard-Crozat, Rédactrice en chef, S&D Magazine
Christine Dugoin-Clément, Associate Researcher "Risks" Chair Research Laboratory IAE Paris 1 Panthéon-Sorbonne
Guy Phillipe Goldstein, Strategic Advisor, Expon Capital
Michel Cazenave, Director | DSSR | Regional CISO-CSO France & Maghreb, PwC
How to have confidence in the ecosystem? - Room Auric 3
No cybersecurity without working closely with the ecosystem, both internal and external. Yes, but it's a problem when you know that many attacks and threats come from a supplier or a service provider. Trust then turns to distrust.
This round table will explain how it is possible to work together with all the links in the chain (from subcontractors to state authorities). What are the prerequisites to establish with the providers (notably by establishing a risk analysis)? And why it has never been so important to cooperate with the business.
Moderator: Caroline Moulin-Schwartz, Consultant and Technical Delegate, CRiP
Maricela Pelegrin-Bomel, National ISS Manager Etablissement français du sang
Nadège Reynaud, Cybersecurity Director, TNP Consultants
Vivien Mura, Head of the Industry and Technology Division, ANSSI
Valérie Levacque, CISO, Arianegroup
Evoltion of cyber organizations by 2025 (Round table organized by Cesin) - Room Appolinaire
Cyber Security governance allows, from a risk management approach of the company and in an iterative way, to :
- Define the roles and responsibilities of the different actors
- Set technical and behavioral objectives via policies and standards
- Present the operational maturity to be reached and the adequate means to be implemented and
- Reassure through the detection and treatment of threats, business continuity and resilience of information systems
At the beginning, governance was mainly driven by compliance issues. Today, it must respond to both conjectural and structural needs, regardless of the technical or organizational skills of the CISO. From now on, Cyber Security governance must integrate new dimensions such as fluctuating business constraints, opportunities to be seized, the company's drivers and the values of its CISO. This round table will provide an update on the new approaches to cyber security governance.
Moderator: Alain Bouillé, General Delegate of CESIN
Eric Singer, CISO EMEA at Schneider Electric
Fabrice Bru, Cybersecurity Director, STIME
Hervé Dubillot, CISO Groupe Pomona
Maxime Descombes, CISO Groupe Bel
Confidential computing: the next frontier of data security - Room Scotto
Data security has always been at the heart of the action of cybersecurity managers. But while major advances have been made in the security of data in transit and the security of stored data, there is still a lot of ground to cover: the security of data during processing!
Numerous technologies are currently being developed, both in hardware - for better isolation within processors and memory - and in software, with the appearance of new encryption mechanisms. These technologies should play a key role in reducing the risks associated with using the cloud.
The concept of confidential computing is emerging, becoming more normalized and accelerating. But what exactly is it? What are the concrete applications today? Will we achieve "ultimate" security tomorrow, or will we be able to process data while keeping it encrypted?
The stakes are high, and this exceptional round table, which will bring together some of the market's major hyperscalers, key players in the construction of these new technologies, will be an opportunity to discuss this fundamental subject for CISOs/ISDRs without any tongue-tied words.
Moderator: Thierry Auger, DSI Corporate & Directeur Cybersécurité Groupe, Lagardère
Mathieu Jeandron, Tech Lead secteur public France&Benelux, AWS
Thiébaut Meyer, Office of the CISO, Google Cloud
Julien Levrard, CISO OVHcloud
Arnaud Jumelet, National Security officer, Microsoft France
Friday, October 14, 3:00-3:45 pm
The security of industrial IS environments: Towards a rapprochement between OT and IT? - Room Lifar
In recent years, we have seen many changes in the world of industrial environments (IoT) driven by digital transformation. But what has really changed? What should we fear? What are the real differences with traditional cybersecurity (IT)? Can we finally talk about convergence? Furthermore, are suppliers responsible for the delay in security by design of products? And on their side, do customers really know how to express their security needs?
This round table will be an opportunity to take stock of the current situation, to highlight developments and to look ahead to the medium and long term.
Moderator: Loïs Samain, CISO, EDF Hydro
Orion Ragozin, RSSI Idemia
Nicolas de Peslouan, RSSI de Stime DSI Groupement Les Mousquetaires et membre du Lab OT du CESIN
Faced with a lack of talent, it's time to accelerate! - Room Van Dongen
In France, the number of vacancies in cybersecurity can be counted in the thousands and the phenomenon is only growing, at the risk of increasing the danger for organizations lacking talent. Although training courses are developing, they are far from being sufficient to absorb the demand. It is imperative, even vital, to multiply the sources, to open up horizons and to change one's attitude towards the profiles sought.
This round-table will be an opportunity to understand the new recruitment and training methods, to go beyond stereotypes but also to question the responsibility of the sector in this shortage.
Moderator: Cécile Desjardins, Journalist
Gilles Casteran, CEO, AIGAVE
Martin Jalenques, Regional Cyber Security Manager Schneider Electric
Emmanuel Retif, Human Resources Director Cloud Infrastructure Services France at Capgemini
Ebios RM's contribution to the cybersecurity of the supply chain (Round table organized by Club Ebios)
The objective of this round table is to expose the structuring role of EBIOS RM in the management of the risks linked to the supply chain. On this occasion, several major actors of the SSI will come to present the stakes and the expectations in terms of security of the supply chain and will illustrate their testimonies by feedbacks of experience.
Moderator: Maricela Pelegrin-Bomel, National ISS Manager Etablissement français du sang
Vincent Loriot, Head of the Digital Security Management Division-Sub-Directorate Strategy-ANSSI
Olivier Ligneul, EDF Group Cybersecurity Director
Dominique Guiffard, IT & Digital Services Group CTO Savencia
France 2030: France's major cyber ambitions - Room Bosio
Triple the revenue of the cyber sector and create 37,000 jobs by 2025. This is the ambition of the national acceleration strategy for cybersecurity, with a plan worth more than €1 billion. What is the roadmap behind it? What is the government's overall strategy? What resources are needed to achieve these ambitions? What coherence at the European level? What are the expectations and recommendations of experts and politicians to meet the challenges? What about priorities, investment and development strategies for the emergence of talent? Elements of answer with our guests.
Moderator : Mélanie Bénard-Crozat, Editor-in-Chief S&D Magazine
Gilles Babinet, Co-Chairman, National Digital Council
Philippe Latombe, Member of Parliament for Vendée
William Lecat, Investment Director, Cyber Impact Ventures, Auriga Partners
Performance indicators for Cyber Security (Round table organised by Clusif) - Room Poulenc
In 2017, the work of CLUSIF members already showed the interest of IT security dashboards: the indicators were used for continuous improvement of security and in communication with the management of organisations.
Today, cybersecurity performance indicators are omnipresent in the activity of CISOs. The members of the Clusif CISO Space will present an overview of good practices in indicators: Cyber Rating for supplier evaluation, Cyber Score for web services to increase user confidence, Dashboards to raise awareness and obtain management support, Comparison / Evaluation of entities in an international or distributed organisation to increase their security performance...
Henri CODRON, animator of the RSSI space of Clusif
Benoit FUZEAU, President of Clusif and CISO of Casden Banque Populaire
Sylvain LAMBERT, RSSI at Pôle Emploi
Nicolas VIELLIARD, Cybersecurity Operations Director, Danone and Clusif Administrator
Jean-Marc BOURSAT, Security Officer at Totalenergies
Friday, October 14, 4-5 pm
The Trial of the Century "Crime in the Metaverse" - Room Prince Pierre
President of a clothing company that has just moved into the Metaverse, Ms. Crypto begins receiving insulting and hateful messages from an anonymous avatar. Then, the obnoxious virtual character informs her that he has all of her customers' personal data and demands a crypto-currency ransom. Finally, Mrs. Crypto's own avatar is stabbed to death and found lying on the ground in a pool of blood.
How can the vicious cycle be stopped? What are the rights and duties in the Metaverse? What kind of justice for the victim and his aggressor? Come and follow the investigation and the unfolding of a trial in the world that could well be tomorrow's.
Christiane Féral-Schuhl, Lawyer, Cabinet Féral-Schuhl
Myriam Quemener, Advocate General at the Paris Court of Appeal
Anne Souvira, Head of the cyber mission of the Paris Police Prefecture at the DILT