08.00 - 08.50

Breakfast and networking 

08.50 - 09.00

Chairman's welcome

09.00 - 09.20

► Who's "transforming" your organisation? The relationship between innovation and cybersecurity 

Bertrand Cahen, Chief Digital Officer, Eiffage

  • Context & impacts of digitalisation on culture, behaviors and power plays in the company
  • Challenges and digital strategy / data - feedback from Eiffage Construction
  • Deploy new methods of collaboration for more sustainable performance
  • The human being at the heart of the device: Driving change in digital transformation
09.20 - 09.40

► Digital Identities, Social Engineering and Mule Networks

 Stephen Topliss, VP of Products, ThreatMetrix

  • How Digital Identities are used today to enhance new customer acquisition on the digital channel and protect digital banking sessions for existing customers
  • Specific approaches to identify the risk of Social Engineering based account takeover
  • How a targeted approach to real-time mule account detection can enhance existing fraud prevention strategies
09.40 - 10.00

Executive panel discussion

New Technologies, new CISO: how digitalisation is changing the CISO's role 

  • Grégoire Alex-Rollmann, Head of Information Systems Security at Manutan International
  • Henrik Joulin, GSO & DPO, Icare Assurance
  • Bertrand Cahen, Chief Digital Officer, Eiffage Construction
10.00 - 10.20

► 10 reasons why admin rights must go

William Culbert, Director Southern Europe, BeyondTrust    

  • Uncover the hidden dangers of admin rights, with 10 powers of an admin user that put your organization at risk
  • Learn how to drastically reduce the attack surface on the endpoint in hours, not months 
  • See how end users can still perform all their usual tasks by elevating tasks and applications, never users  
10.20 - 11.00

Education Seminar Session 1

Delegates will be able to choose from a range of topics:

  • Secure file collaboration with the Accellion governance platform, Samuel Benelheni, Senior Enterprise Solutions Consultant for France & Southern Europe, Accellion
  • Risky Business: A Privacy & Security Team’s Guide to Risk Scoring, Victoria Gardin, Privacy Consultant, OneTrust 
11.00 - 11.30

Networking and refreshments

11.30 - 11.50

► Security across borders

Alexandre Diemer, CISO, Council of Europe

  • Identity management at the heart of border protection 
  • How to implement a strategy to protect data in all 47 countries of the Council of Europe?
  • The Cloud. What are the risks and how to secure the cloud?
  • Balancing act: technical vs organisational
11.50 - 12.10

 Challenges related to Identity Management and Enterprise Access

Kévin Navette, Regional Sales Manager, OneLogin

  • Creation of Access
  • User Authentication
  • Security of Access
  • Update or removal of Access
12.10 - 12.30

► COMBATTING TODAY’S ADVANCED ATTACKER: Key Trends, Predictions and the Need for Speed

Joël Mollo, Regional Director, South EMEA, CrowdStrike

  • Real world examples of how cybercriminals combine advanced, targeted attack techniques with ransomware to cause massive financial loss. How can your organisation AVOID this?
  • GAIN INSIGHT into global ‘breakout time’ metrics and achieving the “1-10’60” rule to defeat the adversary and prevent a mega breach.
  • PREPARE FOR THE NOW - Hear about the most favored TTPs observed over the last 12 months to predict what you should expect to see in 2019.
12.30 - 12.50

► How to Use BitSight Security Ratings?

Alain Melamed, Regional Manager, Cybersel on behalf of BitSight 

Find out how BitSight’s Security Ratings can help organizations and cyber insurers to reduce risk by:

  • scaling their vendor risk management programs
  • benchmarking their performance against industry peers
  • reporting security progress and results to Boards of Directors 
  • measuring the cybersecurity performance of potential acquisition targets or portfolio companies. 
12.50 - 13.30

► Education Seminar Session 2

Delegates will be able to choose from a range of topics:

  • Decrypting the security mystery with SIEM, Christophe Coraboeuf Bensaïs, SIEM and IT Security Product Manager, ManageEngine
  • Detect Your Adversaries with Cyber Threat Intelligence and MITRE ATT&CK, Jermain Njemanze, Sales Engineer, Anomali 
13.30 - 14.30

Lunch and networking 

14.30 - 14.50

►  GDPR and beyond. Post deadline case studies and actions on waht you and your business need to know

Sébastien Oueslati, CISO and Head of Information Security Systems, large social welfare organisation

  • Protection of your clients' personal data: a key challenge 
  • Indirect effects of new regualtion 
  • Reconciling GDPR and Big Data
  • The post GDPR era 
14.50 - 15.10

► Vos employés et leurs mots de passe

Tim Leroy, Solutions Consultant EMEA, LogMeIn

  • Comment les entreprises peuvent-elles atténuer les problèmes de mot de passe 
  • Comment quantifier les coûts de mot de passe pour justifier un investissement dans une solution d’Enterprise Performance Management (EPM)
  • Ce qu’il faut rechercher dans une solution EPM, y compris les conseils de Forrester pour la sélection d’un fournisseur
15.10 - 15.30

► Enterprise “cloudification” and its impact on IT and security

Ivan Rogissart, Regional SE Manager Southern Europe, Zscaler

  • With more than 70% of companies migrating all or part of their applications to the cloud, it is logical that security should also adopt a similar strategy
  • The environment has evolved and the historic approach of stacking security tools into data centers is no longer relevant, as cloud and mobility provide agility and immediacy
  • A new approach is therefore needed to ensure their protection by taking advantage of the benefits of the Internet as an extended network
15.30 - 16.10

► Education Seminar Session 3

Delegates will be able to choose from a range of topics:

  • A Privacy Playbook for "Reasonable and Appropriate" Security Measures and Safeguards, Victoria Gardin, Privacy Consultant, OneTrust
  • Protect You Digital Crown Jewels, Mario Massard, Systems Engineer, Illumio
16.10 - 16.30

Networking and refreshments

16.30 - 16.50

► Sustaining information: What kind of data, for what purpose?

Adoté Chilloh, Joint Director of Information Systems and Operational Head of Security, National Library of France

  • What is meant by digital document - Definitions - the data concerned
  • What are the potential risks of preserving digital documents
  • Why sustain information: What steps to minimize this risk
  • Example cases in libraries
16.50 - 17.10

►  Cybersecurity risk: measuring what counts

Vincent Gapaillard, CISO and Head of Information Security Systems, Lagardère Travel Retail

  • Cyber ​​risk treatment
  • How to manage cyber-​​risk measurement and treatment
  • Implementing a cyber culture to address risks
  • How to capitalise on existing resources to offer value-added services
17.10 - 17.30

Taking the risk with cyber. Integrating cybersecurity stragtefy into business infrastructure 

Stéphane Tournadre, CISO, Laboratoires Servier

  • How is cyber risk integrated into the company's protection strategy?
  • What collaboration should there be between the CISO, the Risk Committee, the ISD and the COMEX?
  • How to map and measure cyber risk?
17.30 - 17.30

Conference close

Education seminars

Accellion - Secure file collaboration with the Accellion governance platform

Samuel Benelheni, Senior Enterprise Solutions Consultant for France & Southern Europe, Accellion

Cyber-security helps establish and maintain the enterprise vision, strategy, and goals. Discover how to with Accellion technology.

  • See every file entering and leaving your organization for complete compliance and control
  • Protect against internal leaks, external threats and process failures.
  • CISO Dashboard for deep insight into the exchange of sensitive information

Anomali - Detect Your Adversaries with Cyber Threat Intelligence and MITRE ATT&CK

Jermain Njemanze, Sales Engineer, Anomali

Knowing your adversaries makes it that much easier to anticipate, detect and prevent their attacks. This is the whole purpose of combining Cyber Threat Intelligence with the MITRE ATT&CK framework. Anomali helps you shift from a reactive mindset to a proactive one and stay ahead of the cyber threats targeting you.


  • What is Cyber Threat Intelligence and how is it used to carry out a cyber survey?
  • What is the interest and importance of the MITRE ATT&CK threat model in a cyber survey?
  • How can this information be used to better ensure the security of its computer network?


Illumio - Protect You Digital Crown Jewels

Mario Massard, Systems Engineer, Illumio

  • Companies of all sizes are struggling to ensure that their network is truly secure using aging firewall security systems. 
  • Micro-segmentation, when implemented correctly, can give them the security that they need and provide tremendous network visibility in the process.
  • Join us to learn what micro-segmentation is, how it works, and how to implement it.

ManageEngine - Decrypting the security mystery with SIEM:

Christophe Coraboeuf Bensaïs, SIEM and IT Security Product Manager, ManageEngine

With the evolution of cyber-attacks, basic log management techniques 
no longer suffice. To combat these advanced threats and meet the 
growing demands of the security market, SIEM solutions have also 
been evolving.

  • What is SIEM
  • Security Domains
  • Actionable Info through normalisation
  • Compliance and security regulations

OneTrust - Risky Business: A Privacy & Security Team’s Guide to Risk Scoring

Victoria Gardin, Privacy Consultant, OneTrust 

Risk scoring across vendor management, breach notifications, DPIAs and other activities is imperative for compliance with many global privacy laws and security frameworks. Organizations routinely tailor their data protection and security activities based on the results of detailed risk assessments, but this leads to a myriad of questions. How do you calculate risk? What constitutes low, medium or high risk? How do you define a risk criteria? What’s the difference between inherent, current and residual risk? In this session, we’ll detail the importance of conducting risk assessments under global privacy laws like the GDPR and security frameworks such as ISO 27001, provide scenario-based approaches to risk assessment and give examples on how to tailor your approaches based on risk level.  

  • Understand various approaches to conducting risk assessments
  • Learn how to define a risk criteria and how to calculate risk level
  • Learn how to tailor your privacy and security programs using a risk-based approach

OneTrust - A Privacy Playbook for "Reasonable and Appropriate" Security Measures and Safeguards

Victoria Gardin, Privacy Consultant, OneTrust

With a new era of privacy regulations upon us, requirements for implementing "reasonable and appropriate" security measures and safeguards are becoming more common than ever.  While privacy and security professionals often view security from different perspectives and may have competing priorities, there are a number of ways in which these differences can be used to the advantage of both teams. In this session, we'll share a playbook on how to build a harmonized and risk-based security framework that addresses a variety of divisions within an organization, as well as how security and privacy teams can work together to become more effective.

  • Understand the requirements and importance of implementing "reasonable and appropriate" security measures and safeguards for privacy professionals
  • Outline several areas of common ground that should help every organization align their security and privacy operations
  • Take away a playbook for building a harmonized and risk-based security framework