Securing the distributed enterprise

9th e-Crime & Cybersecurity France: Virtual Edition
June 30th 2020

Securing the distributed enterprise
Protect against new cyberthreats, maintain business continuity, support the shift to digital

Until March, the big news in French cybersecurity were the recent fines by the CNIL on, for example, SERGIC and Active Assurances (largely under GDPR Article 32), fines triggered by basic failures to implement appropriate security measures to keep customer data safe.

GDPR disclosure requirements and fines, it seemed, indicated that in digitalising their businesses companies were and still are struggling to secure core data assets.

The spread of COVID-19 has changed all that.

It has created fundamental challenges to companies' ability to protect their systems and employees while continuing to serve their customers. Entire workforces have been transplanted to their homes and forced to shift their entire work life to the digital realm.

Out of necessity, remote access and wide-ranging privileges have been granted across organisations. And at the same time, businesses across every sector are ramping up online product and service delivery as fast as possible.

All of these responses have massively increased cybersecurity risk.

Large-scale adoption of work-from-home collaboration tools, rapid scaling of customer-facing networks and websites, greater all-round use of cloud and online applications, and the vast increase in data flows across previously controlled network boundaries are changing business paradigms on the fly. Cybersecurity is already finding it hard to play catch-up with this almost instantaneous digital and online pivot.

The hackers have noticed. They are already exploiting weaknesses in this new distributed business model. Phishing is easier in this stressed environment; DDoS and ransomware attacks more damaging (and so more lucrative); controls easier to subvert. Everything from corporates, to charities, to hospitals and other critical infrastructure is under attack.

As the entire business goes off-premise, how should CISOs react? What are the key priorities? How do CISOs ensure that they and their teams are secure as well as key employees and business processes? What is the initial response versus the longer-term?

 

The 9th e-Crime & Cybersecurity Congress France will take place online and will look at how cybersecurity teams are tackling this dramatically different threatscape. Join us for real-life case studies and in-depth technical sessions from the security and privacy teams behind some of the world's most admired brands.

  • Securing and protecting remote employees

    • The shift to home-working amplifies the BYOD / remote security issue: unsecured data transmission, use of VPNs, employees using workarounds to achieve tasks under pressure, the security of free video and collaboration tools, and so on.
    • What are the quick fixes and the longer-term solutions?
    • What about CISOs and their teams? They need unfettered remote access to the most sensitive systems and information - are they the weakest link? How can they ensure they're not hacked?
  • Maintaining the human firewall

    • With normal security measures compromised, employees are an even more critical frontline against cyberthreats - but they're stressed, and separated from coworkers they could ask about suspicious calls or emails.
    • What can cybersecurity teams do to help their colleagues protect themselves and the business?
    • Scammers are taking advantage of the situation - does email security need to be ramped up, even if it affects productivity? Are there other solutions?
  • Securing the customer - are your websites up to it?

    • The immediate need to move to online business channels creates a host of security and monitoring challenges
    • Are existing websites scalable to securely meet additional customer demands?
    • Do you rely too heavily on a single supplier? And what about the recent security changes to browsers such as Chrome which impact existing websites?
  • Rethinking identity and access management

    • Employees need off-site access to apps, data and other network resources - existing IDAM policies will need to be re-written fast
    • How can you restructure IDAM quickly? How can you push MFA to the whole network?
    • Can consumer-grade software be incorporated?
  • Performing critical security tasks remotely - how can CISOs regain control?

    • Employees for whom long-term, secure remote working processes hadn't been set up in advance will not just be outside centrally controlled endpoint protection processes, they'll be beyond any patching and update processes.
    • Many security tools depend on being on the local network. How can security teams manage the basics remotely?
    • Will remediation and reimaging capabilities work as intended in a remote environment? What updates are needed to incident response playbooks?
    • Most organisations have 'abandoned' their existing office environments - including all the devices within them. These need to be monitored and protected too. Can it be done remotely?
  • Stuck in the Cloud

    • Most companies have been forced to rely on Cloud-based apps and storage
    • So, they need visibility and controls, they need logs from providers to review for unauthorised access and data exfiltration, and they need to limit unauthorised access and services.
    • And what do their Cloud contracts say about force majeure?
  • Protection versus business needs

    • There is a wider strategic challenge: many businesses now face an existential threat and must take rapid and extraordinary actions to survive
    • Their requests for technologies to help them do this will demand near-instant responses and extreme flexibility
    • Never has it been more important that security teams understand and enable the business

Who attends

Job Titles

Directeur de mission
RSSI
Ingénieur SSI
PCI Manager
Chargé de mission
RSSI
I.T. Security Architect
Legal Counsel
Ingénieur de Production
Directeur Général
CISO/RSSI
Chargé de mission SSI
Chargé de Mission
InformationSecurity Expert
Directeur informatique
RSSI
CISO
Responsable Sécurité
Responsable Support
RSSI
CISO
RSSI
RSSI
IT Security Architect
CISO - RSSI
Global Securite de Production
Cybersecurity Director
RSSI
IT Manager
Responsable écurité
Information Security Manager
RSSI
Expert Sécurité SI
RSSI
I.T. Security Officer
RSSI
Risk Manager
RSSI
Group Deputy CSO
RSSI
Cellule Anti Abus
Data Privacy & Security
Product manager
Information Security Officer
RSSI Groupe
Vice-Président
CISO
Manager, IT Advisory
RSSI
Industry Relations
RSSI / CISO
I.T. & Security Internal Auditor
Responsable de la gouvernance SSI
Responsable cellule e-fraude
CISO
Operations Manager
Risk Manager
Réseau SSI
RSSI
Group Information Security Officer
Chef de projet sécurité
Responsable du SOC
RSSI
Head Cyber and Tech
IT Security
RSSI
Head of software engineering
Group Information Security Officer
Head of Content Security
Investigateur
RSSI
Senior IT Security Consultant
Chef de Projets SOC
CISO
IT Manager
RSSI, Directeur IT
RSSI
RSSI
RSSI
Ingénieur
Head of Anti-Fraud
Head of Professional I & M
Expert Sécurité
Group IT Security Officer
Access Solution Service Manager
RSSI
Directeur Infogérance
Expert SSI
RSSI
RSSI
IT Project Manager
Responsable ADV & Logistique
Chef de projet Sécurité
Responsable Global Cyber Securite
SI Security Expert
Directeur de l'Innovation
RSSI-CIL
E-Payment Project Manager
RSSI
Directeur Sécurité
Directeur Sécurité du SI
Information Security & Risk
Expert Technique
Cellule e-Fraude
Business Security Officer
IT Auditor
Global CISO
RSSI-O
IT Security Officer
Group CISO
RSSI
Direction des Systèmes d'Information
IT Security Consultant
Chief Security Officer
RSSI
Architecte SI
Inspecteur, auditeur en SI
RSSI
RSSI/CISO & PMO
Directeur Risques et Securité
RSSI
M2M Partnership Manager
Project Manager
IT Security Consultant
Information Security Manager
CSO - Responsable Securité
RSSI
RSSI
CISO - RSSI
CISO
Cybercrime Director
Network & Security Engineer
Senior legal counsel
I.T. Senior Risk Advisor
Directeur
CISO
Directeur des Opérations
RSSI
Ingénieur sécurité réseau
Directeur programme SSI
RSSI
Chief Information Security Officer
Sécurité des Systèmes d'Information
IT Security Expert
Information Security Risk Manager
Security Manager
Police officer
Head of IT Infrastructure
Directeur cyber-défense
Lutte contre la Fraude
Group Security Officer
Product Manager
Sécurité Opérationnelle Internet
Trustee
RSSI
Network & Security Engineer
CSIRT
Equipe RSSI
RSSI
RSSI

Companies

SNCF
Camaïeu SA
CNES
Credit Mutuel
SNCF
Council of Europe
Air France-KLM
Crédit Agricole
CDC Arkhineo
SnapElite
Coface
UGAP
Préfecture de Police
BNP Paribas
FlightSafety
Neuflize OBC
Banque Privée 1818
GMX
Ministère de la Justice
BNP Paribas Wealth Management
AREVA
Prosodie
Euromaster
BNP Paribas
Viadeo
BNP Paribas
AXA
Armatis-LC
Euler Hermes
Groupe Beaumanoir
Sodexo
vivarte
Auchan
Groupama Asset Management
BNP Paribas
Éditions Gallimard
Université Paris Dauphine
Fondation de France
GDF SUEZ
Clarins Group
La Poste
GE Capital
LCL
Staples
BNP Paribas
EESTEL
Assistance Publique - Hôpitaux de Paris
Deloitte & Touche
Voyages-SNCF
La Poste
EQIOM
LCH Clearnet
Société Générale
Société Générale
Groupe Galeries Lafayette
La Française des Jeux
Vies De Paris
SNCF
Pari Mutuel Urbain
Air France-KLM
Arval
CNAMTS
Xerox
Swiss Re
STET
Veolia Eau
GMX
Mondial Assistance
Orange
GAPA Investigations Privées
AREVA
Total
CNAMTS
Groupe Pasteur Mutualité
NEVA GROUP
Assistance Publique - Hôpitaux de Paris
Université Paris Dauphine
La Banque Postale
Generali
Enterprise Holdings
Société Générale
Zurich Financial Services
Kering
ArcelorMittal
Sanofi-Aventis
Norauto
La Poste
Pari Mutuel Urbain
SnapElite
Ministère de l'Economie et des Finances
EDF Energy
SFR
Vente-privee.com
BNP Paribas
Société Générale
Monext
Promod
Parkeon
Institut National de l'audiovisuel
L'Oréal
Crédit Foncier
BNP Paribas
La Poste
Société Générale
Automatic Data Processing
Société Générale
Chanel
Boursorama
Delta Lloyd Group
Plastic Omnium
EuropCar
Aéroports de Paris
GDF SUEZ
Coface
Société Générale
Camaïeu SA
Banque de France
Mairie de Paris
Auchan
La Poste
Groupe Samse
SFR
La Poste
STET
Heineken
AXA
Banque de France
Partecis
Adisseo
Les Echos
Police Nationale
Publicis
Crédit Agricole
Chubb (ACE Group)
NEVA GROUP
Radio France
Orange
Humanis
Publicis
EDF Energy
Conseil Général de la Manche
DAHER
MMA
La Française des Jeux
Bombardier
Renault
Police Nationale
Société Générale
Faurecia
Société Générale
EDF Energy
Monext
HSBC
CLUSIF
Recylum
Kering
BNP Paribas
Boursorama
Sodexo
Monext

Industries

Transportation/Shipping
Retail
Central Government
Banking
Transportation/Shipping
Central Government
Transportation/Shipping
Banking
Security Product Vendor
Software
Insurance
Retail
National Law Enforcement
Banking
Aerospace/Defence
Banking
Banking
Software
Central Government
Banking
Construction
Banking
Retail
Banking
Media
Banking
Insurance
Telecommunications
Banking
Manufacturer
Travel/Leisure/Hospitality
Manufacturer
Retail
Banking
Banking
Media
Education
Charity
Oil/Gas
Pharmaceuticals
Transportation/Shipping
Industrial Engineering
Banking
Retail
Banking
Association
Healthcare Services
Accounting/Auditing
Travel/Leisure/Hospitality
Transportation/Shipping
Construction
Banking
Banking
Banking
Retail
Casinos/Gaming
Other Industry
Transportation/Shipping
Casinos/Gaming
Transportation/Shipping
Automobiles/Parts
Insurance
Electronic/Electrical Equipment
Insurance
Banking
Water/Sewage
Software
Insurance
Telecommunications
Consultancy
Construction
Oil/Gas
Insurance
Healthcare Services
Consultancy
Healthcare Services
Education
Banking
Insurance
Transportation/Shipping
Banking
Insurance
Retail
Industrial Engineering
Pharmaceuticals
Automobiles/Parts
Transportation/Shipping
Casinos/Gaming
Software
Central Government
Electricity
Retail
Retail
Banking
Banking
Banking
Retail
Electronic/Electrical Equipment
Media
Household/Personal Products
Banking
Banking
Transportation/Shipping
Banking
Software/Hardware
Banking
Retail
Banking
Insurance
Manufacturer
Automobiles/Parts
Transportation/Shipping
Oil/Gas
Insurance
Banking
Retail
Banking
Regional Government
Retail
Transportation/Shipping
Construction
Retail
Transportation/Shipping
Banking
Food/Beverage/Tobacco
Insurance
Banking
Banking
Food/Beverage/Tobacco
Media
Central Government
Media
Banking
Insurance
Consultancy
Media
Telecommunications
Banking
Media
Electricity
Regional Government
Aerospace/Defence
Banking
Casinos/Gaming
Manufacturer
Automobiles/Parts
Central Government
Banking
Automobiles/Parts
Banking
Electricity
Banking
Banking
Association
Other Industry
Retail
Banking
Banking
Travel/Leisure/Hospitality
Banking