CISO France Summit | November 26, 2019 | The Westin Paris - Vendôme - Paris, France

↓ Agenda Key

Keynote Presentation

Visionary speaker presents to entire audience on key issues, challenges and business opportunities

Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee." title="Keynote Presentations give attending delegates the opportunity to hear from leading voices in the industry. These presentations feature relevant topics and issues aligned with the speaker's experience and expertise, selected by the speaker in concert with the summit's Content Committee.

Executive Visions

Panel moderated by Master of Ceremonies and headed by four executives discussing critical business topics

Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members." title="Executive Visions sessions are panel discussions that enable in-depth exchanges on critical business topics. Led by a moderator, these sessions encourage attending executives to address industry challenges and gain insight through interaction with expert panel members.

Thought Leadership

Solution provider-led session giving high-level overview of opportunities

Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community." title="Led by an executive from the vendor community, Thought Leadership sessions provide comprehensive overviews of current business concerns, offering strategies and solutions for success. This is a unique opportunity to access the perspective of a leading member of the vendor community.

Think Tank

End user-led session in boardroom style, focusing on best practices

Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard." title="Think Tanks are interactive sessions that place delegates in lively discussion and debate. Sessions admit only 15-20 participants at a time to ensure an intimate environment in which delegates can engage each other and have their voices heard.

Roundtable

Interactive session led by a moderator, focused on industry issue

Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done." title="Led by an industry analyst, expert or a member of the vendor community, Roundtables are open-forum sessions with strategic guidance. Attending delegates gather to collaborate on common issues and challenges within a format that allows them to get things done.

Case Study

Overview of recent project successes and failures

Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions." title="Case Studies allow attending executives to hear compelling stories about implementations and projects, emphasizing best practices and lessons learned. Presentations are immediately followed by Q&A sessions.

Focus Group

Discussion of business drivers within a particular industry area

Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions." title="Focus Groups allow executives to discuss business drivers within particular industry areas. These sessions allow attendees to isolate specific issues and work through them. Presentations last 15-20 minutes and are followed by Q&A sessions.

Analyst Q&A Session

Moderator-led coverage of the latest industry research

Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst." title="Q&A sessions cover the latest industry research, allowing attendees to gain insight on topics of interest through questions directed to a leading industry analyst.

Vendor Showcase

Several brief, pointed overviews of the newest solutions and services

Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences." title="Taking the form of three 10-minute elevator pitches by attending vendors, these sessions provide a concise and pointed overview of the latest solutions and services aligned with attendee needs and preferences.

Executive Exchange

Pre-determined, one-on-one interaction revolving around solutions of interest

Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest." title="Executive Exchanges offer one-on-one interaction between executives and vendors. This is an opportunity for both parties to make key business contacts, ask direct questions and get the answers they need. Session content is prearranged and based on mutual interest.

Open Forum Luncheon

Informal discussions on pre-determined topics

Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch." title="Led by a moderator, Open Forum Luncheons offer attendees informal, yet focused discussions on current industry topics and trends over lunch.

Networking Session

Unique activities at once relaxing, enjoyable and productive

Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive." title="Networking opportunities take various unique forms, merging enjoyable and relaxing activities with an environment conducive to in-depth conversation. These gatherings allow attendees to wind down between sessions and one-on-one meetings, while still furthering discussions and being productive.

 

Tuesday, November 26, 2019 - CISO France Summit

8:00 am - 8:45 am

Registration & Networking Breakfast

 

8:45 am - 8:55 am

Welcome Address & Opening Remarks

Presented by:

Michel Juvin, Former CISO of High End Retail, N-A View details

 
 
 

8:55 am - 9:25 am

Share:

Keynote Presentation

Bringing Down the Barriers

With the role of the CIO expanding, CIOs are being pushed to increase digital business by using IT in ways that deliver cost saving methods and increased levels of productivity, as well as new opportunities. However, many believe that current methods for these opportunities have reached their end. As a result, it is time to reconfigure these methods in new, unique ways. 

Takeaways: 

  1. Latest strategies or methods to increase digital business 
  2. How to confront resiliency or resistance to new digital initiatives
  3. The different types of behavioral patterns or mindsets to confront

Presented by:

Pierre-Paul Benoit, Global CIO, Societe Generale View details

 
 
 

9:30 am - 10:00 am

Keynote Presentation

Case Studies in Digital Transformation: Learnings Along the Journey

We will explore key learnings from various industries and verticals on the good, the bad and the ugly of digital transformation. We will have an opportunity to not only be exposed to successful use cases, but also ask the hard questions behind those successes.

Takeaways:

  1. One of the best ways to learn is to hear the stories of success (and failure) from companies similar to yours
  2. Asking questions of HOW the journey unfolded are just as important as the end result

Presented by:

David Fayon, Chief Digital Officer, Le Groupe La Poste View details

 
 
 

10:05 am - 10:30 am

Executive Exchange

 

Share:

Thought Leadership

Identity Insights on the Privacy-Personalisation Paradox

Delivering digital experiences that meet customer expectations is critical to digital transformation, but opportunities to get up close and personal with customers intersects with risk, security and a lack of trust. 

In this talk, Nick Caley, Global VP of Financial Services & Regulatory will share ForgeRock's approach to: 

  1. Engagement based on transparency, choice and control 
  2. Data as a shared asset in a true value exchange 
  3. Layered Consent and Lifecycle Management 
  4. Profile & Privacy Management Dashboard

Sponsored by:

ForgeRock View details

 
 

Presented by:

Leonard Moustacchis, Director Solution Architech, ForgeRock View details

 
 
 

10:30 am - 10:40 am

Morning Networking Coffee Break

 

10:45 am - 11:10 am

Executive Exchange

 

Thought Leadership

Why SD-WAN is the Future of Networking

Go Beyond the 'Software Defined' and move to 'Self Driving Network', tell the network what the business wants, then use automation and machine learning to just make it work. Learn how you can turn your network into a business accelerant and supporting your transformation to the cloud. 

Takeaways: 

  1. Not all SDN Solutions are created equal 
  2. Automation is key to the Self Driving Network 
  3. Machine to Machine learning is critical for Cloud based application success 
  4. The Network is now a Business Enabler

Sponsored by:

Silver Peak Systems View details

 
 

Presented by:

Pierre Langlois, Country Manager France, Silver Peak Systems View details

 
 
 

11:15 am - 11:40 am

Executive Exchange

 

Share:

Think Tank

Is still fear the most efficient way to promote cybersecurity?

For many years, cybersecurity awareness and fear have been walking hand in hand. Basically, if you didn't address cybersecurity, then the big bad hackers would come and get you (and your data, and your bottom line?). It's met with varying degrees of success, and has proved especially tricky when CISO had to demonstrate that the risk was indeed ahead and could not be assessed based on previous experience.
More recently, ANSSI's director Guillaume POUPARD asked the CISO community to stop resorting to fear to promote cybersecurity, but instead to sell it as a strategic asset, fully part of business strategy.
Easier said than done?

Takeaways: 

  1. How effective do you find this fear strategy nowadays?
  2. Which alternate strategy do you use/consider to promote cybersecurity?
  3. How do you balance classical fear strategy and new approaches?


Presented by:

Franz Regul, CISO - International Retail Banking,

 
 

11:45 am - 12:10 pm

Executive Exchange

 

Share:

Thought Leadership

Mobile-centric Zero Trust Security Framework

Traditional security models designed on the premise of organizations having a well-defined IT perimeter no longer apply in the perimeter-less world. Passwords based security, which assumed that users operated and accessed business information only form within the enterprise IT perimeter were adequate in the past. But in today's IT environment, where users are accessing information from a variety of untrusted devices, apps, networks, locations, and services - passwords alone are no longer sufficient. It should be no surprise that passwords are still the number 1 cause of data breaches. According to the Verizon Data Breaches Investigations report - 81% of breaches involved weak or stolen passwords. This is because passwords are easily compromised. 

In the reality of today's security world how does an organization protect itself? With a Zero Trust approach and framework to security. Zero trust assumes that bad actors are already in the network and secure access is determined by an 'always verify, never trust' approach. Zero trust approach requires that you verify the device, user, apps, networks, and presence of threats before granting access. In addition, you should have on-going enforcement. But with many theories about Zero trust how do you ensure you've taken the right approach. 

Takeaways: 

CIOs and CISOs face three big challenges: 

  1. Drive business innovation with mobile productivity by giving employees the ability to use mobile, cloud, and endpoints.
  2. Enforce corporate security without impacting the user experience.
  3. Redefine enterprise security strategies to address a perimeter-less environment.

Sponsored by:

MobileIron View details

 
 

Presented by:

Mirko Hennekes, Senior Director Sales - EMEA South, MobileIron View details

 
 
 

12:15 pm - 12:40 pm

Executive Exchange

 

Share:

Thought Leadership

3 Best Practices for Application Security (and Bonus Tip)

Applications are the lifeblood of the enterprise, but as the threats multiply, as applications move to the cloud, as legacy applications need to be maintained, and as organizations seek competitive advantage with new technologies and faster release cycles, it's easy to see that application security can be a thankless, endless and challenging job. 

Imperva has distilled three best practices (and a bonus tip) that help enterprises of any size vastly improve and simplify application security, accelerate threat detection and operationalize application security in a dynamic world where change is the only constant.

Sponsored by:

Imperva View details

 
 
 

12:40 pm - 1:50 pm

Working Lunch & Panel

The Revitalizing Change in the Role of the CXO

A CXO's role, goals and objectives have drastically changed over the years as most CXOs supervise teams and units beyond their IT's security. Because of these changes in responsibilities, a CXO's success is measured in greater business metrics. As a result, the role of a CXO has become both more attractive and more demanding.

Takeaways:

  1. What are the significant changes regarding the role of the CXO
  2. How to keep up with the changing requirements
  3. How to properly measure a CXO's success

Moderated by:

Michel Juvin, Former CISO of High End Retail, N-A View details

 
 

Panelists:

Pierre-Paul Benoit, Global CIO, Societe Generale View details

 
 

Franz Regul, CISO - International Retail Banking,

 

Hugo Woog, Privacy Engineer, OneTrust UK View details

 
 

Abdel Dahmana, CISO, ENGIE

 

Eric Pavie, Retail Banking Chief Architect, BNP Paribas View details

 
 

Sponsored by:

OneTrust UK View details

 
 
 

1:55 pm - 2:20 pm

Executive Exchange

 

Thought Leadership

Can Technology Alone Prevent Phishing Attacks & Breaches?

In a world where we are talking about trusting self-driving cars, will we totally trust self "threat assessing and action taking" cybersecurity systems? Is technology enough? What is the human role in both preventing and responding to attacks?

Takeaways:

  1. Employees continue to be one of the leading, if not the leading, entry point for security breaches
  2. Training about cyber-attack approaches such as Phishing is important but using technology can help employees more consistently identify outside forces attempting to harm your company

 

2:25 pm - 2:50 pm

Executive Exchange

 

Think Tank

Digital Transformation in Pharma- Roche

Presented by:

Jacqueline Tejeda Carnot, Informatics Director France & Middle East region, Roche View details

 
 
 

2:55 pm - 3:20 pm

Executive Exchange

 

Executive Boardroom

Why the CTO of a Robotics Company Placed People at the Heart of his R&D Strategy

For Renaud Heitz, CTO at Exotec Solutions, creating a workplace that would address business challenges - making intelligent robots and growing the company to scale at speed - while giving employees the freedom they need to imagine new solutions could seem like a bit of a conundrum. 

As an IT leader, how do you reconcile the imperatives of a business striving for governance while giving freedom and trust the central place they deserve? 

Join Renaud during a Q&A hosted by Thibaut Champey, Country Manager at Dropbox France. You'll learn about the tools you need to empower your employees to do their best work while providing a smart workspace where security and governance are paramount.

Sponsored by:

Dropbox View details

 
 
 

3:20 pm - 3:30 pm

Afternoon Networking Coffee Break

 

3:35 pm - 4:00 pm

Executive Exchange

 

Think Tank

Becoming More Decentralized

Today, increased centralization has put the power and trust into the hands of the few big players. This, of course, raises many security concerns. The risk of disruptions and undesirable outcomes increases as centralization opens the door to exclusive possession or control of commodities and services. As a result, technologies like Blockchain implemented to create decentralized alternatives as they move computing resources away from centralized servers. 

Takeaways:

  1. Evaluating the risks of centralization on availability, confidentiality and resiliency
  2. Exploring decentralized technologies like Blockchain and edge computing that offer visibility as well as enhanced security for your organization
  3. Understand the fact or fictionalization of developing AI strategies and the cause for concern for decentralized AI models

Presented by:

Francois-Xavier Rousselot, Vice President, Global Data and Artificial Intelligence Strategy, Aptus Health - wholly-owned subsidiary of Merck

 

Think Tank

Where is the Top Talent?

One of the major challenges for CISOs is finding top information security talent. However, look at 2019 as an opportunity to begin your search with universities and colleges that are expanding their cybersecurity programs due to the shortage of cybersecurity professionals. This session will also cover how to recruit and hire top cybersecurity talent.

Takeaways:

  1. Where to seek out the best cybersecurity talent
  2. The red flags to watch out for with incoming applicants
  3. The importance of focusing on retention

 

4:05 pm - 4:30 pm

Executive Exchange

 

Executive Boardroom

10 Immutable Facts of Securing your Business Applications in 2020

Security in the era of the public cloud breaks established practices for securing infrastructures and applications. The growing digitalization is driving a need for new compute and application architectures. 

Decentralized services and complexity of applications combined with their reliance on internal and external APIs require new and disruptive approaches to architecting security. The HIDS, NIDS, and flow collectors from the on-premises do not adapt well to cloud-based environments. Native cloud applications build from containerized microservices providing dynamic scale and end-to-end encrypted service meshes create new challenges for legacy application security solutions. 

As attackers get more automated, more organizations are becoming a target. The growing sophistication of attacks results in breached defenses too often. There is an urgent need for increased defensive capabilities of applications and APIs against targeted and automated attacks, driven by behavior analytics and machine learning algorithms enriched with real-time threat intelligence. 

Sponsored by:

Radware Ltd. View details

 
 

Presented by:

, ,

 
 

4:35 pm - 5:00 pm

Executive Exchange

 

Think Tank

Establishing Trust Through Digital Ethics & Privacy

With 2018's major hacks and breaches, people are becoming increasingly concerned about how organizations in both the public and private sector are using their information. More importantly, there is serious alarm as these organizations that are not proactively addressing these concerns. 

Takeaways:

  1. How to learn from others' security mistakes
  2. Cover the broader topic of digital ethics and the trust of your customers and employees
  3. What steps your organization can take to establish trust

Think Tank

GDPR Causing Confusion with Cloud Technology

Security is and will continue to be an issue within cloud technology especially with recent regulations such as the General Data Protection Regulation (GDPR). Because of the advantages and opportunities of the cloud, organizations will likely rush into cloud technologies without being fully aware of the security risks. After GDPR came into effect, there is now an even greater responsibility on organizations to manage their data compliantly as they continue transformations towards the cloud. 

Takeaways: 

  1. How GDPR affects your organization's security and cloud services 
  2. Discuss the threats that cloud technologies present and how your organization may be more vulnerable 
  3. Regulations' impact on the future of cloud security

Presented by:

Leopold Larios Y Sanchez De Pina, Data Protection Officer; Head of Group Risk Management, Mazars France View details

 
 
 

5:00 pm - 5:15 pm

What's the Next Stop On the Transformation Journey?

Our Governing Board will summarize the learnings from the day and discuss the path forward for building an ongoing community of CIOs, where common issues can be addressed and success stories can be shared.

Takeaways:

  1. Building an ongoing community with your peers can be an invaluable resource for tackling the digital transformation projects ahead of you
  2. Sharing stories of success (and failures) is not reserved to a one-day CIO Summit, but should be shared on a regular basis with your peers

Presented by:

Michel Juvin, Former CISO of High End Retail, N-A View details

 
 
 

5:15 pm - 6:30 pm

Summit Happy Hour