Agenda

08.00 - 08.50

Breakfast and networking 

08.50 - 09.00

Chairman's welcome

09.00 - 09.20

► Who's "transforming" your organisation? The relationship between innovation and cybersecurity 

Bertrand Cahen, Chief Digital Officer, Eiffage

  • Context & impacts of digitalisation on culture, behaviors and power plays in the company
  • Challenges and digital strategy / data - feedback from Eiffage Construction
  • Deploy new methods of collaboration for more sustainable performance
  • The human being at the heart of the device: Driving change in digital transformation
09.20 - 09.40

► Digital Identities, Social Engineering and Mule Networks

 Stephen Topliss, VP of Products, ThreatMetrix

  • How Digital Identities are used today to enhance new customer acquisition on the digital channel and protect digital banking sessions for existing customers
  • Specific approaches to identify the risk of Social Engineering based account takeover
  • How a targeted approach to real-time mule account detection can enhance existing fraud prevention strategies
09.40 - 10.00

Executive panel discussion

New Technologies, new CISO: how digitalisation is changing the CISO's role 

  • Grégoire Alex-Rollmann, Head of Information Systems Security at Manutan International
  • Henrik Joulin, GSO & DPO, Icare Assurance
  • Bertrand Cahen, Chief Digital Officer, Eiffage Construction
10.00 - 10.20

► 10 reasons why admin rights must go

William Culbert, Director Southern Europe, BeyondTrust    

  • Uncover the hidden dangers of admin rights, with 10 powers of an admin user that put your organization at risk
  • Learn how to drastically reduce the attack surface on the endpoint in hours, not months 
  • See how end users can still perform all their usual tasks by elevating tasks and applications, never users  
10.20 - 11.00

Education Seminar Session 1

Delegates will be able to choose from a range of topics:

  • Secure file collaboration with the Accellion governance platform, Samuel Benelheni, Senior Enterprise Solutions Consultant for France & Southern Europe, Accellion
  • Risky Business: A Privacy & Security Team’s Guide to Risk Scoring, Victoria Gardin, Privacy Consultant, OneTrust 
11.00 - 11.30

Networking and refreshments

11.30 - 11.50

► Security across borders

Alexandre Diemer, CISO, Council of Europe

  • Identity management at the heart of border protection 
  • How to implement a strategy to protect data in all 47 countries of the Council of Europe?
  • The Cloud. What are the risks and how to secure the cloud?
  • Balancing act: technical vs organisational
11.50 - 12.10

Presentation by OneLogin

12.10 - 12.30

► COMBATTING TODAY’S ADVANCED ATTACKER: Key Trends, Predictions and the Need for Speed

Joël Mollo, Regional Director, South EMEA, CrowdStrike

  • Real world examples of how cybercriminals combine advanced, targeted attack techniques with ransomware to cause massive financial loss. How can your organisation AVOID this?
  • GAIN INSIGHT into global ‘breakout time’ metrics and achieving the “1-10’60” rule to defeat the adversary and prevent a mega breach.
  • PREPARE FOR THE NOW - Hear about the most favored TTPs observed over the last 12 months to predict what you should expect to see in 2019.
12.30 - 12.50

► How to Use BitSight Security Ratings?

Alain Melamed, Regional Manager, Cybersel on behalf of BitSight 

Find out how BitSight’s Security Ratings can help organizations and cyber insurers to reduce risk by:

  • scaling their vendor risk management programs
  • benchmarking their performance against industry peers
  • reporting security progress and results to Boards of Directors 
  • measuring the cybersecurity performance of potential acquisition targets or portfolio companies. 
12.50 - 13.30

► Education Seminar Session 2

Delegates will be able to choose from a range of topics:

  • Presentation by ManageEngine
  • Hunt down your opponents with Cyber ​​Threat Intelligence and MITER ATT & CK, Jermain Njemanze, Sales Engineer, Anomali 

 

13.30 - 14.30

Lunch and networking 

14.30 - 14.50

►  GDPR and beyond. Post deadline case studies and actions on waht you and your business need to know

Sébastien Oueslati, CISO and Head of Information Security Systems, large social welfare organisation

  • Protection of your clients' personal data: a key challenge 
  • Indirect effects of new regualtion 
  • Reconciling GDPR and Big Data
  • The post GDPR era 
     
14.50 - 15.10

Presentation by LogMeIn

15.10 - 15.30

► Enterprise “cloudification” and its impact on IT and security

Ivan Rogissart, Regional SE Manager Southern Europe, Zscaler

  • With more than 70% of companies migrating all or part of their applications to the cloud, it is logical that security should also adopt a similar strategy
  • The environment has evolved and the historic approach of stacking security tools into data centers is no longer relevant, as cloud and mobility provide agility and immediacy
  • A new approach is therefore needed to ensure their protection by taking advantage of the benefits of the Internet as an extended network
15.30 - 16.10

► Education Seminar Session 3

Delegates will be able to choose from a range of topics:

  • A Privacy Playbook for "Reasonable and Appropriate" Security Measures and Safeguards, Victoria Gardin, Privacy Consultant, OneTrust
  • Presentation by Illumio
16.10 - 16.30

Networking and refreshments

16.30 - 16.50

► Sustaining information: What kind of data, for what purpose?

Adoté Chilloh, Joint Director of Information Systems and Operational Head of Security, National Library of France

  • What is meant by digital document - Definitions - the data concerned
  • What are the potential risks of preserving digital documents
  • Why sustain information: What steps to minimize this risk
  • Example cases in libraries
16.50 - 17.10

►  Cybersecurity risk: measuring what counts

Vincent Gapaillard, CISO and Head of Information Security Systems, Lagardère Travel Retail

  • Cyber ​​risk treatment
  • How to manage cyber-​​risk measurement and treatment
  • Implementing a cyber culture to address risks
  • How to capitalise on existing resources to offer value-added services
17.10 - 17.30

Taking the risk with cyber. Integrating cybersecurity stragtefy into business infrastructure 

Stéphane Tournadre, CISO, Laboratoires Servier

  • How is cyber risk integrated into the company's protection strategy?
  • What collaboration should there be between the CISO, the Risk Committee, the ISD and the COMEX?
  • How to map and measure cyber risk?
17.30 - 17.30

Conference close

Education seminars


Accellion - Secure file collaboration with the Accellion governance platform


Samuel Benelheni, Senior Enterprise Solutions Consultant for France & Southern Europe, Accellion

Cyber-security helps establish and maintain the enterprise vision, strategy, and goals. Discover how to with Accellion technology.

  • See every file entering and leaving your organization for complete compliance and control
  • Protect against internal leaks, external threats and process failures.
  • CISO Dashboard for deep insight into the exchange of sensitive information

Anomali - Hunt down your opponents with Cyber ​​Threat Intelligence and MITER ATT & CK


Jermain Njemanze, Sales Engineer, Anomali

When you are the target of cyber attacks, it is better to be proactive than reactive to defend yourself. This is possible by combining Cyber ​​Threat Intelligence with MITER ATT & CK. By managing information on cyber threats, Anomali allows you to know the scale of their attacks in order to anticipate and prevent them.

  • What is Cyber ​​Threat Intelligence and how do you use it to conduct a cyber survey?
  • What is the importance of the MITER ATT & CK threat model in a cyber survey?
  • How to use this information to better ensure the security of your computer network?

OneTrust - Risky Business: A Privacy & Security Team’s Guide to Risk Scoring


Victoria Gardin, Privacy Consultant, OneTrust 

Risk scoring across vendor management, breach notifications, DPIAs and other activities is imperative for compliance with many global privacy laws and security frameworks. Organizations routinely tailor their data protection and security activities based on the results of detailed risk assessments, but this leads to a myriad of questions. How do you calculate risk? What constitutes low, medium or high risk? How do you define a risk criteria? What’s the difference between inherent, current and residual risk? In this session, we’ll detail the importance of conducting risk assessments under global privacy laws like the GDPR and security frameworks such as ISO 27001, provide scenario-based approaches to risk assessment and give examples on how to tailor your approaches based on risk level.  

  • Understand various approaches to conducting risk assessments
  • Learn how to define a risk criteria and how to calculate risk level
  • Learn how to tailor your privacy and security programs using a risk-based approach

OneTrust - A Privacy Playbook for "Reasonable and Appropriate" Security Measures and Safeguards


Victoria Gardin, Privacy Consultant, OneTrust

With a new era of privacy regulations upon us, requirements for implementing "reasonable and appropriate" security measures and safeguards are becoming more common than ever.  While privacy and security professionals often view security from different perspectives and may have competing priorities, there are a number of ways in which these differences can be used to the advantage of both teams. In this session, we'll share a playbook on how to build a harmonized and risk-based security framework that addresses a variety of divisions within an organization, as well as how security and privacy teams can work together to become more effective.

  • Understand the requirements and importance of implementing "reasonable and appropriate" security measures and safeguards for privacy professionals
  • Outline several areas of common ground that should help every organization align their security and privacy operations
  • Take away a playbook for building a harmonized and risk-based security framework