CONFERENCES & WORKSHOPS PROGRAMME

22 March 2023 09:00 to 09:45 Croisette Room Workshop

Organized by EFFICIENTIP

Zero Trust: Using DNS as an Enabler of Your First Line of Defense

In today’s complex geopolitical environment, cybersecurity is top of mind for all organizations. Every IT infrastructure relies on DNS, so it is essential to protect DNS from attacks. But at the same time, when implemented correctly using purpose-built technology, DNS can also provide valuable information and improved access control to vital apps and services, making it an active security component for your zero trust framework.

This session explains:

• Why visibility, threat intelligence and app access filtering make DNS your first line of defense
• How to leverage DNS to reduce the attack surface and prevent lateral movement of threats
• Example use case where DNS enhances zero trust by controlling access to critical services

Conference Moderator:

Alexandre CASSEZ
Customer Solutions Architect – EFFICIENTIP

22 March 2023 09:00 to 09:45 Lérins Room Workshop

Organized by EGERIE

How to predict the ROI of a risk-driven cybersecurity strategy?

Speaker:

Claire STOUT
Cybersecurity Engineer – EGERIE

22 March 2023 09:00 to 09:45 Esterel Room Workshop

Organized by SOSAFE

The professionalisation of cybercrime: the five biggest trends in 2023.

Global crises, geopolitical challenges, the Covid-19 pandemic, the past year has been eventful! Unfortunately, we have also seen some worrying developments in the field of information security. Cybercriminals have not hesitated to find methods of attack to exploit the current social context to their advantage. Moreover, there is an increasing professionalisation in this field. Organisations are now faced with an innovative underground economy where cybercrime as a service has become a common business model. The methods are constantly and rapidly evolving. Hackers do not hesitate to use psychological tactics to manipulate minds. The interface between humans and computers remains the main entry point: more than 85% of attacks start with the human factor. Yan Richard gives an overview of the top five trends in cybercrime in 2023 and explains which psychological factors play a particularly important role in cyberattacks.

Speaker:

Yan RICHARD
Director Southern Europe – SOSAFE

22 March 2023 09:00 to 09:45 RIVIERA VIP CLUB Workshop

Organized by WASABI TECHNOLOGIES

Modern Data Protection with Wasabi Hot Cloud Storage + Immutabile Backup

Ransomware attacks are here to stay, impacting organizations small and large. The best preparation is a layered defense built on a foundation of redundant and immutable backups. With Wasabi hot cloud storage + backup applications you can protect all your data and mitigate the impact of ransomware attacks on your IT infrastructure. Along with protecting your business, you can protect your back account by using Wasabi’s cloud storage instead the hyperscalers that charge excessive egress and API fees.

Speaker:

Eric PETERS
Enterprise and Public Sales Director, France-Benelux – WASABI TECHNOLOGIES

22 March 2023 14:30 to 15:15 Croisette Room Workshop

Organized by PING IDENTITY

The identity to implement innovative digital experiences for customers (CIAM)

Customer identity and access management has evolved. Providing a seamless user experience is no longer enough to meet the demands of companies and their customers.

Enterprises need a cloud platform that provides a seamless customer journey and intelligent risk-based mechanisms to verify and prove customer identity, detect digital fraud, and preserve the user experience.

Learn how to manage the identities of millions of customers to accelerate revenue and build customer loyalty.

Translated with www.DeepL.com/Translator (free version)

Speakers:

22 March 2023 14:30 to 15:15 Lérins Room Workshop

Organized by TANIUM

SQLI's return of experience on Patch Management with Tanium

Founded in 1990, SQLI is a European digital services group that supports major international brands in creating value through digital. In the context of a Merger & Acquisition and a desire to rationalise SQLI's tools, discover how Tanium has supported SQLI in its strategy by facilitating the automation of processes, optimising the patching rate, significantly reducing the duration of patching campaigns while providing reliable reporting.

Conference Moderator:

Mamoun BELAAROUSSI
Directeur des comptes stratégiques – TANIUM

Speaker:

Allia RUDY
DSSI – SQLI

22 March 2023 14:30 to 15:15 Esterel Room Workshop

Organized by Pentera Security Ltd

Security Validation at the Heart of Exposure Management featuring Gecina

Surprisingly, the majority of breach-reasons today are NOT vulnerability-related, but rather caused by misconfiguration, application interfaces, supply chain or credential related security gaps.

Exposure Management is here to allow a strategy and process for addressing the reduction of risk over the entire attack surface.

This session will present a simple, pragmatic approach to implementing an Exposure Management strategy, drawing on the experience of Joël Robin - CTO at Gecina and how they use Automated Security Validation as part of their journey to exposure reduction.

Speakers:

23 March 2023 09:00 to 09:45 Croisette Room Workshop

Organized by ADVENS

Implementation of an outsourced SOC: Feedback from L'Occitane with Advens

The SOC (Security Operations Center) is now the key element of a Cyber Defense system. The use of a service provider is an effective and adapted response to the challenges of recruitment, expertise, reactivity and control of the associated technological complexity.

Advens has been supporting L'Occitane Group for more than 5 years through an outsourced SOC service. This long-lasting partnership has allowed the company to develop its maturity and its capacity to detect and react to security incidents.

• How to set up a SOC-as-a-Service?
• What monitoring perimeter and how to develop it?
• How to integrate industrial environments and set up an IT and OT SOC?
• What is the contribution of EDR and XDR to add reaction to detection?

This testimony will give you concrete answers to all these questions!

Conference Moderator:

Arnaud HESS
Head of Business Development – ADVENS

Speaker:

Aurélien SIMONET
Information Security Domain Leader – L'OCCITANE

23 March 2023 09:00 to 09:45 Lérins Room Workshop

Organized by RUBYCAT

Feedback from the GHT Est Hérault Sud Aveyron - The place of the PAM/bastion in the security of an IS

Vincent Templier, IS security manager for the CHU and the GHT Est Hérault - Sud Aveyron will give a feedback on the importance and place of a PAM/bastion in the security of an IS, especially in the context of a hospital grouping.

After having implemented the bastion PROVE IT on the IS of the CHU of Montpellier in 2019, Vincent Templier worked on the implementation of this bastion on the whole GHT, which represents more than 8 care structures.

Speakers:

23 March 2023 09:00 to 09:45 Esterel Room Workshop

Organized by HCL SOFTWARE

Enterprise Security: Zero Trust

Zero Trust: With 83% of organizations experiencing more than one data breach, stopping malicious actors requires a faster and more effective response than traditional perimeter-based security approaches. To learn more about how HCL BigFix can help you begin your journey to Zero Trust, come meet our team at the HCL Software booth (H37).

Conference Moderator:

Jean-Benoit NONQUE
BigFix Sales Leader – HCL SOFTWARE

Speaker:

Camille PROUX
Technical Advisor BigFoix – HCL SOFTWARE

23 March 2023 14:30 to 15:15 Croisette Room Workshop

Organized by SECURITYSCORECARD

Do you know what hackers will exploit from your attack surface?

Everyone wonders why with all the most advanced cybersecurity technologies and tools, the large budgets spent by government agencies and international companies, cyber attacks continue to proliferate?

Cybercriminals are diversifying their approaches and industrializing them by constantly monitoring your most vulnerable "blind spot" "attack surface" exposed on the Internet.

Find out how SecurityScorecard can help you identify, continuously monitor your attack surface and build a prevention plan to reduce the impact of cyber attacks.

Speakers:

23 March 2023 14:30 to 15:15 Lérins Room Workshop

Organized by OWN

Retrospective 2022: An overview of cyber threats in the maritime sector

With the rapid evolution of information systems and computer networks in the shipping world, the maritime sector is now a highly connected sector (navigation systems, office workstations used by the crew, platform management systems, etc.) and has seen the emergence of new cyber risks over the last ten years. 

From common threats to the most targeted attacks, from the most widespread malware to the panorama of TTPs (Tactics, Techniques and Procedures) specific to the maritime sector, from the most active cybercriminal actors to the geopolitical challenges, OWN & the M-CERT review the cyber events that marked the year 2022 and the major associated trends in the maritime sector. 

This presentation is based on a year of work carried out in the framework of a partnership between OWN and M-CERT.

Speakers:

23 March 2023 14:30 to 15:15 Esterel Room Workshop

Organized by Kleverware

Maximizing Security and Compliance through PAM / IAG Complementarity

Privileged Access Management (PAM) and Identity and Access Governance (IAG) are two complementary concepts that must be used together to provide enhanced security for the company’s IT (Application and/or Techno) systems.

PAM focuses on managing privileged accounts, such as administrator accounts and system accounts, which have high and potentially dangerous access to computer resources. The goal of PAM is to limit access to these accounts and monitor their use to reduce the risk of security breaches.

IAG approach is broader and consolidates access to all the organization’s IT resources, including user accounts. The IAG helps establish security policies and processes to ensure that only authorized individuals have access to the resources needed to do their jobs.

By using both approaches together, an organization enhances its overall security by limiting access to privileged accounts and monitoring their use, while establishing policies and processes to manage access to all enterprise IT resources.

Speakers: