12th Annual e-Crime & Cybersecurity Congress France

France: In the cross-hairs of the state-backed hacker

23rd March 2023 • The Westin Paris - Vendôme (Paris)

 

Nation-state attacks are now more dangerous than ever. To beat them cybersecurity has to change – and it’s little to do with technology.
 

From secrecy to transparency: how cybersecurity has to change

 

According to a recent study, 75% of French participants believed they had been targeted by a cyber-attack by an organization acting on behalf of a nation-state and 82% believed nation-states are working through cybercriminal groups to execute their cyber campaigns. They believe the main aim of these attacks is sabotage or disruption of their organizations’ operations but almost half had also seen attacks on personal data and IP, financial data and business process operations data.


When asked which factors make them particularly vulnerable to nation-state actors, French respondents identified a lack of collaboration between their sector and their national government (37%), a lack of cyber hygiene across their organizations (36%), the use of outdated security technologies (34%) and the cyber talent shortage (34%).


The fact that CISOs see collaboration with government as a key weak link in the security chain is interesting. France, along with other countries, has institutionalised cyber defence at state level and there is interaction between the public and private sectors. More interesting is what the CISOs did not say: the real issue in cybersecurity today is in disclosure, data sharing and collaboration between companies themselves.


Organisations are still extremely unwilling to disclose attacks and breaches; many refuse to talk in even general terms about the ways in which they implement cybersecurity, believing that somehow this “puts a target on their backs” (when attackers know their entire security stack within a few minutes of conducting reconnaissance and when everyone is already a target).

French respondents in this study were most resistant to share information about the data affected, the length of time their organization was exposed or the financial cost of the incident. They are not alone – other countries are not far behind.


But this lack of transparency is the core issue in cybersecurity today: without data sharing organizations cannot learn from their collective experiences; without accurate data on attacks, attack vectors and material impact it is impossible to build quantitative models to evaluate
cyber risk and accurately assign resources to that risk; without that data designing and pricing cyber-insurance is just a guessing game.


When asked whether national governments should do more to support organizations in defending them against nation-state cyber-attacks, including things like provision of real-time threat intel, 89% of British, German and French respondents agreed. But only 64% of French said they have or would proactively reach out to government.


So, how do we get organisations to collaborate better? How can companies find a way to share data anonymously but in enough detail to be valuable for the collective good? And if companies will not share voluntarily, then given the rise of nation-state attackers, will some kind of public-private collaboration have to be mandated simply for the defence of the nation?

 

The e-Crime & Cybersecurity Congress France will look at how new business models are stretching under-resourced security teams to the limit. Join our real-life case studies and in-depth technical sessions from the security and privacy teams at some of the world’s most admired brands.

  • The pros and cons of managed services

    • If single point solutions and on-prem security are failing the business, what about the
    • alternatives?
    • What kinds of company need what kinds of third-party help, and where does that leave the in-house security team?
    • Do you have solutions that can help relieve the pressures on under-resourced CISOs?
  • Building better Cloud security

    • Migrating to the cloud is a priority. But, if not properly managed, cloud migrations result in extra complexity and risk.
    • So how can firms efficiently assess cloud readiness, plan and execute migrations and establish comprehensive cloud governance?
    • Can you help companies transition smoothly and securely to the Cloud?
  • Here comes real cybersecurity regulation

    • Data privacy is only a small part of the picture. 
    • Regulators are looking at operational resilience in key sectors like finance – securing the wholesale payments market is a priority and others will follow. They are looking at disclosure and fining the miscreants.
    • Can you help businesses comply with new regimes?
  • Can zero trust be done?

    • Zero Trust/ZTNA/SASE - they promise solutions to the key problems CISOs face today.
    • But how realistic are they? Do they take into account existing legacy technology, and the ways in which real companies actually do business day-to-day?
    • Can you explain how a real-world implementation works?
  • Are AI / ML solutions the answer?

    • If the practical realities of business nix conventional zero trust ideas, then what else?
    • Some say that AI and behavioural analysis are better suited to a world where perfect data
      and visibility are unavailable. But are they right?
    • And don’t these solutions only pick up problems after they have occurred?
  • Developing the next generation of security leaders

    • If cybersecurity is to change to meet the evolution of our digital world, then so must those who implement it.
    • CISOs cannot cling to an IT paradigm and companies must move away from hiring on false pretences (on budget and commitment) and firing at the first breach.
    • What does a next-gen CISO look like and are you one of them?

Who attends

Job Titles

Directeur de mission
RSSI
Ingénieur SSI
PCI Manager
Chargé de mission
RSSI
I.T. Security Architect
Legal Counsel
Ingénieur de Production
Directeur Général
CISO/RSSI
Chargé de mission SSI
Chargé de Mission
InformationSecurity Expert
Directeur informatique
RSSI
CISO
Responsable Sécurité
Responsable Support
RSSI
CISO
RSSI
RSSI
IT Security Architect
CISO - RSSI
Global Securite de Production
Cybersecurity Director
RSSI
IT Manager
Responsable écurité
Information Security Manager
RSSI
Expert Sécurité SI
RSSI
I.T. Security Officer
RSSI
Risk Manager
RSSI
Group Deputy CSO
RSSI
Cellule Anti Abus
Data Privacy & Security
Product manager
Information Security Officer
RSSI Groupe
Vice-Président
CISO
Manager, IT Advisory
RSSI
Industry Relations
RSSI / CISO
I.T. & Security Internal Auditor
Responsable de la gouvernance SSI
Responsable cellule e-fraude
CISO
Operations Manager
Risk Manager
Réseau SSI
RSSI
Group Information Security Officer
Chef de projet sécurité
Responsable du SOC
RSSI
Head Cyber and Tech
IT Security
RSSI
Head of software engineering
Group Information Security Officer
Head of Content Security
Investigateur
RSSI
Senior IT Security Consultant
Chef de Projets SOC
CISO
IT Manager
RSSI, Directeur IT
RSSI
RSSI
RSSI
Ingénieur
Head of Anti-Fraud
Head of Professional I & M
Expert Sécurité
Group IT Security Officer
Access Solution Service Manager
RSSI
Directeur Infogérance
Expert SSI
RSSI
RSSI
IT Project Manager
Responsable ADV & Logistique
Chef de projet Sécurité
Responsable Global Cyber Securite
SI Security Expert
Directeur de l'Innovation
RSSI-CIL
E-Payment Project Manager
RSSI
Directeur Sécurité
Directeur Sécurité du SI
Information Security & Risk
Expert Technique
Cellule e-Fraude
Business Security Officer
IT Auditor
Global CISO
RSSI-O
IT Security Officer
Group CISO
RSSI
Direction des Systèmes d'Information
IT Security Consultant
Chief Security Officer
RSSI
Architecte SI
Inspecteur, auditeur en SI
RSSI
RSSI/CISO & PMO
Directeur Risques et Securité
RSSI
M2M Partnership Manager
Project Manager
IT Security Consultant
Information Security Manager
CSO - Responsable Securité
RSSI
RSSI
CISO - RSSI
CISO
Cybercrime Director
Network & Security Engineer
Senior legal counsel
I.T. Senior Risk Advisor
Directeur
CISO
Directeur des Opérations
RSSI
Ingénieur sécurité réseau
Directeur programme SSI
RSSI
Chief Information Security Officer
Sécurité des Systèmes d'Information
IT Security Expert
Information Security Risk Manager
Security Manager
Police officer
Head of IT Infrastructure
Directeur cyber-défense
Lutte contre la Fraude
Group Security Officer
Product Manager
Sécurité Opérationnelle Internet
Trustee
RSSI
Network & Security Engineer
CSIRT
Equipe RSSI
RSSI
RSSI

Companies

SNCF
Camaïeu SA
CNES
Credit Mutuel
SNCF
Council of Europe
Air France-KLM
Crédit Agricole
CDC Arkhineo
SnapElite
Coface
UGAP
Préfecture de Police
BNP Paribas
FlightSafety
Neuflize OBC
Banque Privée 1818
GMX
Ministère de la Justice
BNP Paribas Wealth Management
AREVA
Prosodie
Euromaster
BNP Paribas
Viadeo
BNP Paribas
AXA
Armatis-LC
Euler Hermes
Groupe Beaumanoir
Sodexo
vivarte
Auchan
Groupama Asset Management
BNP Paribas
Éditions Gallimard
Université Paris Dauphine
Fondation de France
GDF SUEZ
Clarins Group
La Poste
GE Capital
LCL
Staples
BNP Paribas
EESTEL
Assistance Publique - Hôpitaux de Paris
Deloitte & Touche
Voyages-SNCF
La Poste
EQIOM
LCH Clearnet
Société Générale
Société Générale
Groupe Galeries Lafayette
La Française des Jeux
Vies De Paris
SNCF
Pari Mutuel Urbain
Air France-KLM
Arval
CNAMTS
Xerox
Swiss Re
STET
Veolia Eau
GMX
Mondial Assistance
Orange
GAPA Investigations Privées
AREVA
Total
CNAMTS
Groupe Pasteur Mutualité
NEVA GROUP
Assistance Publique - Hôpitaux de Paris
Université Paris Dauphine
La Banque Postale
Generali
Enterprise Holdings
Société Générale
Zurich Financial Services
Kering
ArcelorMittal
Sanofi-Aventis
Norauto
La Poste
Pari Mutuel Urbain
SnapElite
Ministère de l'Economie et des Finances
EDF Energy
SFR
Vente-privee.com
BNP Paribas
Société Générale
Monext
Promod
Parkeon
Institut National de l'audiovisuel
L'Oréal
Crédit Foncier
BNP Paribas
La Poste
Société Générale
Automatic Data Processing
Société Générale
Chanel
Boursorama
Delta Lloyd Group
Plastic Omnium
EuropCar
Aéroports de Paris
GDF SUEZ
Coface
Société Générale
Camaïeu SA
Banque de France
Mairie de Paris
Auchan
La Poste
Groupe Samse
SFR
La Poste
STET
Heineken
AXA
Banque de France
Partecis
Adisseo
Les Echos
Police Nationale
Publicis
Crédit Agricole
Chubb (ACE Group)
NEVA GROUP
Radio France
Orange
Humanis
Publicis
EDF Energy
Conseil Général de la Manche
DAHER
MMA
La Française des Jeux
Bombardier
Renault
Police Nationale
Société Générale
Faurecia
Société Générale
EDF Energy
Monext
HSBC
CLUSIF
Recylum
Kering
BNP Paribas
Boursorama
Sodexo
Monext

Industries

Transportation/Shipping
Retail
Central Government
Banking
Transportation/Shipping
Central Government
Transportation/Shipping
Banking
Security Product Vendor
Software
Insurance
Retail
National Law Enforcement
Banking
Aerospace/Defence
Banking
Banking
Software
Central Government
Banking
Construction
Banking
Retail
Banking
Media
Banking
Insurance
Telecommunications
Banking
Manufacturer
Travel/Leisure/Hospitality
Manufacturer
Retail
Banking
Banking
Media
Education
Charity
Oil/Gas
Pharmaceuticals
Transportation/Shipping
Industrial Engineering
Banking
Retail
Banking
Association
Healthcare Services
Accounting/Auditing
Travel/Leisure/Hospitality
Transportation/Shipping
Construction
Banking
Banking
Banking
Retail
Casinos/Gaming
Other Industry
Transportation/Shipping
Casinos/Gaming
Transportation/Shipping
Automobiles/Parts
Insurance
Electronic/Electrical Equipment
Insurance
Banking
Water/Sewage
Software
Insurance
Telecommunications
Consultancy
Construction
Oil/Gas
Insurance
Healthcare Services
Consultancy
Healthcare Services
Education
Banking
Insurance
Transportation/Shipping
Banking
Insurance
Retail
Industrial Engineering
Pharmaceuticals
Automobiles/Parts
Transportation/Shipping
Casinos/Gaming
Software
Central Government
Electricity
Retail
Retail
Banking
Banking
Banking
Retail
Electronic/Electrical Equipment
Media
Household/Personal Products
Banking
Banking
Transportation/Shipping
Banking
Software/Hardware
Banking
Retail
Banking
Insurance
Manufacturer
Automobiles/Parts
Transportation/Shipping
Oil/Gas
Insurance
Banking
Retail
Banking
Regional Government
Retail
Transportation/Shipping
Construction
Retail
Transportation/Shipping
Banking
Food/Beverage/Tobacco
Insurance
Banking
Banking
Food/Beverage/Tobacco
Media
Central Government
Media
Banking
Insurance
Consultancy
Media
Telecommunications
Banking
Media
Electricity
Regional Government
Aerospace/Defence
Banking
Casinos/Gaming
Manufacturer
Automobiles/Parts
Central Government
Banking
Automobiles/Parts
Banking
Electricity
Banking
Banking
Association
Other Industry
Retail
Banking
Banking
Travel/Leisure/Hospitality
Banking


Venue

The Westin Paris - Vendôme

westin_paris_terrace

Location:
3 Rue de Castiglione, 75001 Paris, France
Tel: +33 1-44771111

Directions:
Please click here