WEDNESDAY 11 OCTOBER 5:00 - 5:45 PM
World upheaval and regulatory onslaught: a new headache for CISOs? - Van Dongen
There are undoubtedly as many sticking points as there are cyber risks at international level: laws and regulations to start with, then critical infrastructure management, or cloud and data governance between states.
During this discussion, our speakers aim to:
- Understand/map this "cyber geopolitics".
- Imagine the basis for international cooperation to share intelligence and best practices.
- Define the fundamentals of coordinated response to incidents
Moderated by Eric Domage, observer of B2B IT worlds
- Thierry Auger, Deputy CIO and CSO, Lagardère
- Rayna Stamboliyska, CEO at RS Strategy & Digital EU Ambassador at European Commission
- Farid Illikoud, Group CISO & Digital Strategy Officer, Group Decathlon
Threat Intelligence 1 – Cybercriminels 0 ! - Poulenc
Weak signals are cybercriminals' best friends. Or their worst enemies. Cyber-attacks are becoming increasingly frequent and complex, and companies can no longer simply adapt, but anticipate. And it's by getting to grips with these weak signals that they can do just that: by detecting the business sectors affected, the methods used, the types of surface, the context, the mechanisms, the indicators... Cyber threat intelligence can become an attacker's worst nightmare.
In this session, our speakers will explain how Threat Intelligence can padlock the door to attacks, even Friday night ones!
Moderated by Jérôme Saiz, Corporate Protection Expert, OPFOR Intelligence
- Julien Bachelet, Global CISO & Directeur Cybersécurité, Hermès
- Sabine D’Argœuves, Cyberdefense Manager, Danone
- Axel Castadot, National Crisis Director for Information Systems (DNCSI), SNCF
- Arnaud KOPP, Head of Coordination and Operational Partnerships Office (CPO), ANSSI
Responsible digital: we can't look the other way - Genevoix
Digital Responsibility is an approach that aims to reduce the environmental impact of digital technology, while at the same time providing solutions for reducing the carbon footprint of business activities and acting on the social and governance impact of digital use. This approach is increasingly present within organizations, as the IT sector currently accounts for between 1.8% and 2.8% of the world's carbon footprint, and this figure is rising by 9% a year (Source: Forrester, Ready for IT 2023 conference). So we can no longer look the other way.
Moderated by Sabrine Guihéneuf, Group Director Cybersecurity and IT Governance URW and CESIN Board Member
- Pierre-Luc Refalo, VP - Head of Group "IT & Cyber Security" Audit, Capgemini
- Marie Ait Daoud, Green IT Manager - DSI Groupe VINCI
- Andrada Dugan, Innovation & Sustainability Director, ISS France
Friday 13 October 9:30 - 10:15 am
Industry 4.0: "with great power comes great responsibility " - Poulenc
French industry accounts for 13% of GDP (source franceindustrie.org), and the government's plan to reindustrialize the country should boost this figure even further.
The sector, already subject to an intense pace of innovation, is increasingly exposed to (and even dependent on) international networks, multiplying cyber risks exponentially. But this innovation is also backed by an infrastructure that is often outdated or obsolete, making it more susceptible to attack by malicious international groups.
The good news is that Industry 4.0 is boosting the economy and jobs, but it is also increasing the surface area and stakes of attacks, with the immediate risk of costly disruption. Industrial security must imperatively be in real time, and this is what our speakers, inspired by *Churchill, will set out to demonstrate.
Moderated by Sabine D’Argœuves, Cybersecurity Manager, Danone
Thierry Manciot, Head of Cyber Security for network and Manufacturing & Supply, Sanofi
Sabri Khemissa, Group ICS/OT Cybersecurity Manager, Imerys
Bertrand Aït-Touati, Director, Industrial Cybersecurity Program, Suez
We forgot that a building door opens - Van Dongen
When an ethical hacker is commissioned by a company to assess the risks to which it is exposed, he doesn't just have his computer keyboard as a tool. He may also have a lock-picking kit found for less than €20 on a famous marketplace. Physically, the door can be broken into, just as the intelligence we put into buildings today can be. On the other hand, a cyber attack can have direct physical consequences, blocking the door you want to open.
Should the CIO take this issue head-on, and if so, how? How can we draw inspiration from the smart city, the cradle of intelligent buildings, to better understand the heterogeneity of their flaws and secure them?
Moderated by Annick Rimlinger, Director of Safety & Security, Cyber & DataProtection, Aéma Groupe
- Frank Van Caenegem, VP Cybersecurity, CISO EMEA, Schneider Electric | Board member, CESIN
- Brice Augras, President and Founder, BZHunt
- Victor Poucheret, Associate Technical Director, BZHunt
- Amaury Pitrou, Co-founder & Managing Director Smalt - Bouygues Construction
Information manipulation and influence games: cybersecurity under pressure - Genevoix
Dive into the challenges of misinformation. This round table will highlight emerging methods of online manipulation and their implications for digital security. Cybersecurity professionals are under increasing pressure to counter these disinformation strategies. Collaboration and intelligence sharing are essential to build a robust, legal and ethical defense. We will also look at future trends and the vitality of innovation in the fight against information manipulation.
Moderated by Veronique Loquet, Specialized cybersecurity PR
- Nathalie Devillier, Founder of Influence Cyber and expert for the European Commission
- Bogdan Bodnar, cyberwar journalist
- Laurent Bloch, previously head of scientific computing at Institut Pasteur, Director of Information Systems at Université Paris-Dauphine
FRIDAY 13 OCTOBER 3:00 - 3:45 PM
Club Ebios: Regulatory minimum versus comprehensive coverage: which strategy to choose? - Van Dongen
Businesses and public authorities have organized themselves in response to the growing threat posed by numerous Ransomware attacks and espionage campaigns.
The post-Covid economic and geopolitical context in Ukraine has prompted the authorities to tighten regulatory obligations for critical and sensitive information systems (NIS2 Directive, LPM), as well as for specific sectors (Dora, Network code, etc.).
Some companies are witnessing the emergence of a "regulatory mille-feuille", which can lead to duplication of reporting, monitoring and coordination activities, combined with a surfeit of requirements, the cost of which could be prohibitive for their business model.
From now on, cybersecurity departments and CISOs will need to define an in-depth strategy for controlling the main business risks, for complying with internal and regulatory standards, and more generally for positioning the cybersecurity requirements they place on their company's organizations at the right level.
The EBIOS Club invites you to take part in this interactive workshop in the form of a round-table discussion, in which two major groups and ANSSI will share their thoughts on the subject, and give an account of their own approaches.
Moderated by Lionel Vodzislawsky, Director, Club EBIOS and Maricela Pelegrin-Bomel, National Information Systems Security Manager, ETABLISSEMENT FRANÇAIS DU SANG
- Fabien Galle, CISO, ASTEELFLASH
- Jean Baptiste Stuchlik, Director of Cybersecurity, Consumer and Digital Division, LA POSTE
- Christophe Floch, CISO, DASSAULT AVIATION
- Mathieu Couturier, Deputy Division Head, Digital Security Management, ANSSI
CLUSIF: The stakes and practice of legalizing attacks - Poulenc
For several years now, the number of cyber attacks has been exploding, and they are becoming increasingly serious. Faced with this risk, institutions are clearly advocating the filing of complaints. Without the filing of complaints, there is no visibility of the phenomenon, and without visibility, there is no policy to combat it. The aim of this round table is to look at the subject from a number of angles: the judicial system as seen and expected by the institutions, the reality on the ground from the point of view of the economic players targeted, and the concrete case of a large-scale organisation that has provided the community with a set of reflex cards and best practices.
Moderated by Loïc Guézo, Vice-President of Clusif and Lieutenant-Colonel (RC) attached to the Gendarmerie's cyberspace command
- Cyril Tesser, Director of Information Protection, La Poste Group
- Eric Freyssinet, Brigadier General, Senior Cybercrime & Cybersecurity Advisor, Gendarmerie Command in Cyberspace (COMCYBERGEND)
- Sébastien Blard, CISO for a major French industrial group
- Aurélien Diche, Specialized cybercrime assistant, Section J3 - JIRS - JUNALCO - Cybercrime, Parquet du tribunal judiciaire de Paris
CESIN: Is AI a real game changer for CISOs? - Genevoix
Already present in many cyber domains, AI has made a dramatic entry into the CISO agenda in recent months. Whether it is used for defence purposes or by attackers, and whether it is now part of a company's new strategies, CISOs must now come to terms with this new paradigm. How should they deal with it? Do you need to change your security policy? What new skills are needed in the cyber team? How can it be better used for cyber defence? How should our SOCs and risk analyses evolve?
Moderated by Alain Bouillé, CESIN General Delegate
- Vincent Lefret, CISO & Cybersecurity Manager, Système U
- Olivier Ligneul, Cybersecurity Director, EDF Group
- Arnaud Martin, Chief Information Security Officer, Groupe Caisse des Dépôts
FRIDAY 13 OCTOBER 4:00 - 4:45 PM
CISOs, cast off! - Prince Pierre
20 years is both a long time and a very short time. Very little because cyber is still at the beginning of its history, and a lot because it has already accumulated so many habits and reflexes. In an innovative format, the Assises Edito Committee is proposing a closing 'exercise': a session in which everyone should come away feeling - and using - lighter! This is where we shake up our habits, dust off old reflexes and keep only what is really useful to the CISO's roadmap. At the 23rd Assises de la Cybersécurité, we've had our fill of ideas, contacts and partnerships, so let's make room for them and cast off!
Moderated by Giles Fontaine, Editor-in-Chief, Challenges
- Loïs Samain, CISO, EDF Hydro and Co-founder of the ComptoirSecu Podcast
- Michel Cazenave, Regional CSO & CISO France, Monaco, Maghreb, PWC
- Stéphane Joguet, Global CISO, Sephora
- Eric Singer, Global CISO, PLUXEE