CONFERENCES & WORKSHOPS PROGRAMME

In today’s complex geopolitical environment, cybersecurity is top of mind for all organizations. Every IT infrastructure relies on DNS, so it is essential to protect DNS from attacks. But at the same time, when implemented correctly using purpose-built technology, DNS can also provide valuable information and improved access control to vital apps and services, making it an active security component for your zero trust framework.

This session explains:

Why visibility, threat intelligence and app access filtering make DNS your first line of defense How to leverage DNS to reduce the attack surface and prevent lateral movement of threats Example use case where DNS enhances zero trust by controlling access to critical services

To develop a true risk-driven cybersecurity strategy, companies, and their Executives, must have a 360° view of their risk exposure. 
Where it often remains very abstract or too technical, while financial trade-offs are at stake, EGERIE thus helps organizations to assess and adjust, almost in real time, the degree of cyber risk weighing on IT systems. 
 By having precise indicators in this way, C-Levels can make the right decisions and precisely know the ROI of the cyber action plan implemented. 
What about discussing this innovative and differentiating approach to risk-based cybersecurity management?

Global crises, geopolitical challenges, the Covid-19 pandemic, the past year has been eventful! Unfortunately, we have also seen some worrying developments in the field of information security. Cybercriminals have not hesitated to find methods of attack to exploit the current social context to their advantage. Moreover, there is an increasing professionalisation in this field. Organisations are now faced with an innovative underground economy where cybercrime as a service has become a common business model. The methods are constantly and rapidly evolving. Hackers do not hesitate to use psychological tactics to manipulate minds. The interface between humans and computers remains the main entry point: more than 85% of attacks start with the human factor. Yan Richard gives an overview of the top five trends in cybercrime in 2023 and explains which psychological factors play a particularly important role in cyberattacks.

Ransomware attacks are here to stay, impacting organizations small and large. The best preparation is a layered defense built on a foundation of redundant and immutable backups. With Wasabi hot cloud storage + backup applications you can protect all your data and mitigate the impact of ransomware attacks on your IT infrastructure. Along with protecting your business, you can protect your back account by using Wasabi’s cloud storage instead the hyperscalers that charge excessive egress and API fees.

Customer identity and access management has evolved. Providing a seamless user experience is no longer enough to meet the demands of companies and their customers.

Enterprises need a cloud platform that provides a seamless customer journey and intelligent risk-based mechanisms to verify and prove customer identity, detect digital fraud, and preserve the user experience.

Learn how to manage the identities of millions of customers to accelerate revenue and build customer loyalty.

Translated with www.DeepL.com/Translator (free version)

Founded in 1990, SQLI is a European digital services group that supports major international brands in creating value through digital. In the context of a Merger & Acquisition and a desire to rationalise SQLI's tools, discover how Tanium has supported SQLI in its strategy by facilitating the automation of processes, optimising the patching rate, significantly reducing the duration of patching campaigns while providing reliable reporting.

Surprisingly, the majority of breach-reasons today are NOT vulnerability-related, but rather caused by misconfiguration, application interfaces, supply chain or credential related security gaps.

Exposure Management is here to allow a strategy and process for addressing the reduction of risk over the entire attack surface.

This session will present a simple, pragmatic approach to implementing an Exposure Management strategy, drawing on the experience of Joël Robin - CTO at Gecina and how they use Automated Security Validation as part of their journey to exposure reduction.

The SOC (Security Operations Center) is now the key element of a Cyber Defense system. The use of a service provider is an effective and adapted response to the challenges of recruitment, expertise, reactivity and control of the associated technological complexity.

Advens has been supporting L'Occitane Group for more than 5 years through an outsourced SOC service. This long-lasting partnership has allowed the company to develop its maturity and its capacity to detect and react to security incidents.

How to set up a SOC-as-a-Service? What monitoring perimeter and how to develop it? How to integrate industrial environments and set up an IT and OT SOC? What is the contribution of EDR and XDR to add reaction to detection?

This testimony will give you concrete answers to all these questions!

Vincent Templier, IS security manager for the CHU and the GHT Est Hérault - Sud Aveyron will give a feedback on the importance and place of a PAM/bastion in the security of an IS, especially in the context of a hospital grouping.

After having implemented the bastion PROVE IT on the IS of the CHU of Montpellier in 2019, Vincent Templier worked on the implementation of this bastion on the whole GHT, which represents more than 8 care structures.

Zero Trust: With 83% of organizations experiencing more than one data breach, stopping malicious actors requires a faster and more effective response than traditional perimeter-based security approaches. To learn more about how HCL BigFix can help you begin your journey to Zero Trust, come meet our team at the HCL Software booth (H37).

Everyone wonders why with all the most advanced cybersecurity technologies and tools, the large budgets spent by government agencies and international companies, cyber attacks continue to proliferate?

Cybercriminals are diversifying their approaches and industrializing them by constantly monitoring your most vulnerable "blind spot" "attack surface" exposed on the Internet.

Find out how SecurityScorecard can help you identify, continuously monitor your attack surface and build a prevention plan to reduce the impact of cyber attacks.

With the rapid evolution of information systems and computer networks in the shipping world, the maritime sector is now a highly connected sector (navigation systems, office workstations used by the crew, platform management systems, etc.) and has seen the emergence of new cyber risks over the last ten years. 

From common threats to the most targeted attacks, from the most widespread malware to the panorama of TTPs (Tactics, Techniques and Procedures) specific to the maritime sector, from the most active cybercriminal actors to the geopolitical challenges, OWN & the M-CERT review the cyber events that marked the year 2022 and the major associated trends in the maritime sector. 

This presentation is based on a year of work carried out in the framework of a partnership between OWN and M-CERT.

Privileged Access Management (PAM) and Identity and Access Governance (IAG) are two complementary concepts that must be used together to provide enhanced security for the company’s IT (Application and/or Techno) systems.

PAM focuses on managing privileged accounts, such as administrator accounts and system accounts, which have high and potentially dangerous access to computer resources. The goal of PAM is to limit access to these accounts and monitor their use to reduce the risk of security breaches.

IAG approach is broader and consolidates access to all the organization’s IT resources, including user accounts. The IAG helps establish security policies and processes to ensure that only authorized individuals have access to the resources needed to do their jobs.

By using both approaches together, an organization enhances its overall security by limiting access to privileged accounts and monitoring their use, while establishing policies and processes to manage access to all enterprise IT resources.