Relive the highlights of Les Assises 2024 edition with replays & photos.

Together!

In this Olympic year, "Citius, Altius, Fortius" ("faster, higher, stronger") would have made an excellent theme for Assises 2024. But a new addition to this mythical trio - and in my mind - is "Communiter", which has been translated into the Olympic motto as "together".

If "Taking the high road" was our mantra in 2023, the term "together" came up a lot during this edition. Maria reminded us at the opening ceremony that "we owe it to ourselves to work together", and Vincent Strubel added by urging us to "work more than ever in networks". It's a reality: together, we can face up to a threat that, having become systemic, requires us to collaborate more widely. And when it comes down to it, working together, sharing, coming together - that's the very raison d'être of Les Assises.

Les Assises 2024: Together!

Together! We can explore the precious link that exists between the army and the nation, discover the pool of skills represented by military personnel undergoing retraining or the role of the Gendarmerie in supporting the local economic fabric.

Together! We need to work more closely with the business community... it's a cultural revolution that awaits them as they become legally responsible for cybersecurity. How can we anchor this awareness? By involving professional associations (Medef, etc.)? By fully integrating this dimension into the training courses for future managers (business schools, MBAs)?

Together! We are building a cyber confidence that can be anchored in NIS 2 and regulatory developments. Our service providers need to mature, and it's up to us to help them do that! To do this, we need to ask ourselves what the keys to trust are (questionnaires, certification, labels, etc.).

Together! Let's set our sights on sectoral cooperation, drawing inspiration from existing successes such as the first sectoral Cert/SOCs and the highly effective fight against fraud in the banking sector.

Together! Let's be pragmatic... transposing NIS 2 means scaling up (a challenge imposed by the threat - targeted, societal), getting the "little guys" on board (SMEs, hospitals, local authorities), preparing for the big night (simultaneous attacks)... in short, being cyber-resilient.

Together! Let's show solidarity in the face of attacks, let's get involved in the Cyber Solidarity Act... let's share between companies in the same sector, let's rely on service providers like a nature reserve. Let's make the most of existing initiatives!

Together! Let's educate solution providers to include security as a default in their offerings, and not as an optional extra.

Together! Let's help to raise awareness among a wider audience than those we usually target, especially young people. Les As du Web, Cybervengers, Le Guide de la Sécurité Numérique des Dirigeants... we need to promote these virtuous initiatives for ourselves and for the general public. Together! Let's debrief these 16 days of the 2024 Olympics, which will have taken us to a new level: operational preparation, training, climbing, requisitioning, teamwork... together, faster, higher, stronger.

I wish us a supportive and inspiring 2024 edition of Les Assises!

Honorary President of Les Assises 2024 : Paul Lemesle, Chief Information Security Officer, Lactalis Group

Replays

Conferences

Opening conference Les Assises 2024

Opening conference - Faster, higher, stronger - Together

Wednesday 9 October | 1.30pm-2.30pm

From 1:30 pm, under the powerful theme TOGETHER, don't miss the address by Didier Guillaume, Minister of State of the Principality of Monaco! 🌍

TOGETHER, we're stronger! Discover how joining forces is the key to building resilient communities in the face of global cyber threats. Faced with cyber risks of unprecedented complexity, the Global Cyber Alliance focuses on concrete solutions. Join the movement and understand how collective effort is essential to counter these global threats.

📊 An in-depth analysis of the past year will be presented by Vincent Strubel, Director of ANSSI, followed by an exclusive interview with Paul Lemesle, Honorary President of Assises 2024!

🚨 An event not to be missed! 

To address these issues, we will be honoured to welcome to our opening conference :

  • Philip Reitinger, President and CEO, Global Cyber Alliance
  • Vincent Strubel, Director General, ANSSI
  • Paul Lemesle, Group CISO, Lactalis Group and Honorary President of Assises 2024
Innovation Award and plenary conference Les Assises 2024

Innovation Award and plenary conference

Thursday 10 October | 6.00pm-7.00pm

Part 1 | Focus on innovation

  • A look back at IDECSI's history, 10 years after they won the Innovation Award in 2015: Daniel Benabou, IDECSI
  • Presentation of the Innovation Prize to the 2024 winner: Snowpack

 

Part 2 | The Earth from space - A vision to change the world

Jean-Pierre Goux is fascinated by the beauty of the Earth as seen from space, its impact on astronauts and what this vision could change in human societies, both individually and collectively, if it became accessible to all. Through the story of a 25-year quest that took him into the inner workings of NASA and the powers that be to produce the first images of the entire Earth orbiting from space so that everyone could experience the overview effect (the wonder experienced by astronauts as they discover the Earth), he will emphasise the importance of dreams and of changing the way we look at things for the ecological transition. Participants will also be able to take part in this collective experience.

  • Jean-Pierre Goux, President of OneHome

Jean-Pierre Goux is a mathematician, entrepreneur, writer, lecturer and committed environmentalist. Former CEO of Powernext, he is the author of the saga Siècle bleu, and chairman of the NGO OneHome. In 2024, he published ‘La Petite Princesse’, the first volume of the new ‘Blue Revolution’ saga, in which he proposes an inspiring way to reconcile humanity and the biosphere.

Keynotes

Les Assises 2024, keynote microsoft

GenAI: from models to business applications, a risk-based approach?

Wednesday, October 9 | 18h00-18h30

At the dawn of Year III of Generative AI, it's crucial to take stock of the safety and security challenges of AI models in a professional context. Join us to explore, through examples, the relevance of a risk-based approach adapted to these new models and their implementation.

  • Philippe Limantour, Chief Technology and CyberSecurity Officer, Microsoft France
Les Assises 2024, Keynote Zscaler

Democracy under stress: how are AI and cyberattacks jeopardizing the integrity of elections?

Thursday, October 10 | 09:30-10:00

In 2024, almost half the world's population in 80 countries will participate in elections, including France, the UK, India, Russia and the USA.

Electoral interference - through hacking, disinformation and AI-fueled deepfakes - poses a significant threat to these democratic processes. In the context of cyberattacks and AI-driven disinformation, Rob Sloan will propose to: examine the latest documented cases of election interference and their impact on democratic trust Analyze how similar tactics could be used to undermine corporations and their leadership. Provide concrete strategies for organizations to prepare for and defend against such attacks. How can organizations identify attacks early and prepare effectively to minimize damage? This session will enable participants to gather crucial insights into the evolving information warfare landscape, and walk away with practical actions to protect an organization's reputation and build stakeholder confidence in the age of sophisticated digital threats.

  • Rob Sloan, VP, Cybersecurity Advocacy, Zscaler

 

Assises 2024, Keynote Netskope

Securing an AI-ready future, without compromising your own

Friday, October 11 | 11:30am-12:00pm

The rise of Generative Artificial Intelligence (GenAI) in the enterprise has brought with it a set of new, complex and unexpected data security challenges. According to recent data, at least one in four business users interacts with AI applications every month, and this number is growing rapidly among the top 25% of users, with hundreds of interactions per month on average. As companies continue to integrate AI into their business processes - for example in customer relationship management, HR, product information etc... - they need to remain vigilant and take the necessary steps to ensure the security of their data. Effectively managing data security in the context of GenAI proliferation is not just a matter of risk mitigation, it's a strategic imperative now necessary for successful governance at executive level. When approached correctly, effective data protection enables companies to leverage GenAI for competitive advantage, while neglecting the need for security around its use can have catastrophic consequences for the business. In this session, you'll discover: How to debunk common myths surrounding GenAI adoption, with current statistics on GenAI growth and business risks. How to strategically select and consolidate technology tools to improve agility, reduce risk and maintain profitability. How to plan for the continued adoption of GenAI and the ongoing use of AI and machine learning to combat cyber attacks? How can you adopt modern protection techniques to safeguard data and enable your employees to use generative AI safely? How to properly assess your supply chain partners for risks when it comes to AI.

  • Sanjay Beri, CEO, Netskope
Les Assises 2024, Keynote eviden

Retex JO Paris 2024: Anticipating the unexpected, thwarting the unpredictable

Friday, October 11 | 14h00-14h30

The Paris 2024 Olympic and Paralympic Games shattered all records, and were watched by almost 4 billion viewers worldwide. Behind these jaw-dropping numbers, behind each of the spectacular performances, a team is waging an invisible behind-the-scenes battle to ensure the safety of the greatest sporting event of all time. For four years, this elite team has been preparing to counter the cyberthreats ready to strike at any moment. The challenge was to design a dynamic defense system, a veritable cyber fortress capable of detecting and neutralizing attacks before they were even deployed. Thanks to the tools deployed, but even more so to the collaboration, expertise and responsiveness of the teams at the heart of the system, we succeeded in anticipating the unexpected and thwarting the unpredictable in an event where every second counts.

  • Franz Regul, CISO, Paris 2024
  • Benoît Delpierre, Cybersecurity CTO, Eviden
 

Round tables

Ensemble en entreprise : comment convaincre ses dirigeants à renforcer la cybersécurité?

Working together in business: convincing and engaging your managers in cyber strategy: best practices and sharing experiences

Wednesday, 9 October | 5:00-5:45 pm

While cybersecurity has become essential and executives are increasingly convinced of its importance, it is clear that more effort is needed to raise awareness, spark interest, convince and engage them. In a context where attacks are on the rise, where their responsibility is increasingly engaged, and where users' expectations are growing in terms of cybersecurity and digital trust, how is cyber awareness among executives evolving?

How can you raise awareness, inform, report and advise on a subject that remains vague, intangible and complex for many of your stakeholders? How can regulations be presented in such a way that they are perceived as an opportunity?

What are the expectations of senior managers and how can these be addressed in a clear and pragmatic manner? Our guests will present best practices and feedback, and share some answers to help you better convince and engage your decision-makers.

Moderator: Mélanie Bénard-Crozat, Editor-in-chief, S&D Magazine and Impact for the Future

  • Anne Dore, Chief Executive Officer and Founder, Adhel
  • Maxence Demerlé, Directrice du numérique, MEDEF
  • Sylvie Salinie, Chairwoman of AGISCOM Group & Vice-Chairwoman of the Seine-et-Marne Chamber of Commerce and Industry
Ensemble face à la menace : collaboration entre les secteurs et entreprises

Professions and Generative AI: new Challenges for CISOs in supporting innovation

Wednesday, 9 October | 5:00-5:45 pm

The round table aims to discuss current cybersecurity challenges and the importance of collaboration between the public and private sectors in order to respond to the growing number of threats.

Sector-specific CERTs are being created (aviation, maritime, etc.), and companies are increasingly trying to share information within trusted circles, such as InterCERT. How can this collaboration be improved? How do they work and what are the benefits of collaboration? All these topics will be addressed during this round table.

Moderator: Loïs Samain, CISO, EDF Hydro

  • Marion Buchet, Head of CERT, CERT Aviation France
  • Martine Giralt, Vice-Chairperson, InterCERT France
  • Arnaud Kopp, Cyber Coordination Officer, ANSSI
Métiers et IA Générative, les nouveaux défis du CISO pour accompagner l’innovation

Professions and Generative AI: new Challenges for CISOs in supporting innovation

Wednesday, October 9 | 5:00-5:45 pm

New technologies offer tremendous opportunities but also carry risks. AI is the best example of this. CISOs face a dilemma: how to protect data without stifling innovation? With tools like Copilot, AI promises to boost productivity, but the risks of hallucination and security are real. CISOs must not only secure this technological transformation, but also support it. Discover their journey between challenges and opportunities, where every decision can transform the future. A captivating immersion in the struggle to balance security and innovation.

Moderator: Caroline Moulin-Schwartz, Déléguée Technique, CRIP

  • Odile Duthil, Group Cybersecurity Director, Caisse des Dépôts Group and Director of CLUSIF
  • Lucile Coupez, CISO Gouvernance Groupe, EssilorLuxottica and member of CESIN
  • Camille Morvan, Cognitive science researcher, Harvard, and co-founder, Goshaba
Assises 2024 | Round table discussion: Cognitive warfare, hacktivism and espionage

Cognitive warfare, hacktivism and espionage: when digital borders are blurred

Wednesday, October 9 | 5:00-5:45 pm

This round table offers you an immersion into the heart of current IT security issues. A fascinating debate on the crucial importance of international cooperation and strategies to counter sophisticated threats such as cognitive warfare, hacktivism and espionage.

Moderator: Sébastien Couasnon, Podcast Host tech 45'

  • Paul Charon, Director for "Intelligence, Strategy foresight and Influence" at the Institute for Strategic Research (IRSEM)
  • Christophe Floch, CISO, Dassault Aviation
  • Nicolas Diaz, Head of Digital Security & Operations, Reporters Sans Frontières
Assises 2024 | Round table discussion: Cyberattacks and Generative AI

Cyberattacks and Generative AI: what lies beyond AI poisoning, and how can we mitigate the risks?

Friday, October 11 | 9:30-10:15 am

With generative AI, new forms of cyberattacks are plunging us into a new battlefield and confronting CISOs and data scientists with a crucial question: is their AI truly secure? How can we, as professionals, grant or withhold capabilities to this AI?

After examining several recent examples of AI hacking, we will review the latest attack vectors and their consequences. We will explore the intricacies of permissive AI and discuss risk acceptance when AI becomes talkative by studying the quality of its responses.

Modératrice : Caroline Moulin-Schwartz, Technical Delegate, CRIP

  • Frank Van Caenegem,VP Cybersecurity et CISO EMEA, Schneider Electric & administrator of CESIN
  • Véronique Bardet, CISO, Pierre Fabre
  • Brice Augras, Ethical hacker
Au secours, on nous attaque !

Help, we're under attack!

Friday, October 11 | 9:30-10:15 am

When a cyber attack strikes, every second counts and it's best to have a few marbles to prepare for the unexpected. Discover the crucial steps to take, the key people to contact and the measures to take to minimise damage and restore security.

Moderator: Sabine d'Argoeuves, Head of Security Solutions, Identity and Continuity, Kering

  •  Anne Souvira, Honorary Commissaire Divisionnaire, former head of the cyber mission at the Prefecture of Police
  • Jérôme Saiz, Business protection expert - OPFOR Intelligence
  • Axel Castadot, National Crisis Director for Information Systems, SNCF
Round Table Les Assises Cybersecurity for NGOs

Cybersecurity for NGOs: tackling the challenges together

Friday, October 11 | 9:30-10:15 am

More than 50% of NGOs have been victims of cyber attacks. They face unique cybersecurity challenges, exacerbated by limited resources and the high sensitivity of the data they manage. The impact of cyber attacks on NGOs can be devastating, affecting not only internal operations and reputation, but also beneficiaries.

How does the mutual support and solidarity of the infosec community strengthen the cybersecurity of NGOs? Why do ethical and humanitarian hackers need to work together? What are the challenges facing non-governmental organisations in terms of digital security? Our experts will discuss best practices to support their cyber resilience in their essential humanitarian and philanthropic missions.

Moderator : Véronique Loquet, Cyber security expert

  • Maxime Giraud, CISO, Action contre la faim
  • Fabien Lemarchand, President, Hack4Values
  • Bénédicte Legourd, Safety and Security Manager, SOS MÉDITERRANÉE
Table ronde Clusif - SIEM, SOAR, CERT, IA, XDR, ... : les enjeux du SOC augmenté

Clusif - SIEM, SOAR, CERT, IA, XDR, ... the challenges of augmented SOC

Friday, October 11 | 3:00-3:45 pm

A Clusif working group is preparing a revised and expanded edition of the guide “How to successfully deploy a SOC” published in ...2017. This eagerly awaited new edition will take into account technological (AI, SOAR, ... ) and organizational developments. It pays particular attention to SOC evaluation and evolution issues, which we invite you to share with our experts.

  • Loïc Guézo, Co-Chairman of Clusif
  • Valentin Jangwa, Co-animateur SOC Augmented, Clusif
  • Michel Dubois, Scientific and technical director, La Poste Group cybersecurity department
  • Nadège Reynaud, Cyber Governance & Risks Manager
  • Marion Buchet, Head of CERT du CERT Aviation France
Table ronde CESIN - Gouvernance et Conformité

CESIN - Governance and compliance

Friday, October 11 | 3:00-3:45 pm

2024 is not just the year of the Olympic Games. It is also the year of cyber regulations: DORA, NIS2, CRA, IA Act, etc. There are countless texts that impact companies to a greater or lesser extent in terms of cyber security. This session will explore the synergy between governance and compliance. How can governance and compliance be integrated harmoniously, and strengthen the cybersecurity and resilience of organisations? The speakers, who are members of CESIN, will discuss the impact of the main regulations and standards in force on their organisations, the steps required to achieve and maintain compliance, the role and responsibilities of the CISO, and the related challenges and opportunities.

  • Alain Bouillé, General Delegate, CESIN
  • Frank Van Caenegem, CISO at Schneider Electric and CESIN Administrator
  • Estelle Tchigique-Boyer, CNP Assurances Group CISO
  • Vincent Lefret, RSSI U TECH and CESIN administrator
  • Pierre-Luc Refalo, Head of IT / Cyber / Data audit, Capgemini
Table ronde Club Ebios - Jouons ensemble et plongez dans les principes d'EBIOS Risk Manager !

Club Ebios - Let's play together and dive into the principles of EBIOS Risk Manager!

Friday, October 11 | 3:00-3:45 pm

Enjoy an immersive, fun experience in the world of the method. Don't miss this exclusive opportunity, created for the Assises. Take part in our workshop to discover EBIOS Risk Manager: THE GAME. This was created by the CLUB, with the support of ANSSI and a company specialising in board games. Whatever your level of knowledge, discover how the game can transform and accelerate learning about realistic risk management on a daily basis for everyone: CISOs, DPOs, IT Departments, business lines. Bring your smartphone and let's play together!

  • Maricela Pelegrin-Bomel, CISO, Etablissement Français du Sang
  • Lionel Vodzislawsky, Director, Club EBIOS
  • Jean Olive, Vice-Chairman, Club EBIOS
L’engagement citoyen de la filière Cybersécurité

The Cybersecurity industry's commitment to corporate citizenship

Friday, October 11 | 3:00-3:45 pm


The main objective of the round table will be to present and highlight the commitment of cybersecurity professionals to the growing maturity of civil society, through two flagship initiatives: European Cybersecurity Month, supported by Cybermalveillance.gouv.fr, and the Cyber 4 Tomorrow platform. The aim is not only to present these initiatives, but also and above all to mobilize the industry through feedback. A reminder of GIP's extensive work in awareness-raising and guidance will be given as an introduction. More generally, the aim is to highlight the industry's civic commitment in a field where the negative (data leaks, cyber-attacks, malfunctions, cyber-warfare) can sometimes wrongly take over.

 

  • Nolwenn Le Ster, President of Numeum
  • Jérôme Notin, Managing Director of GIP ACYMA (cybermalveillance.gouv.fr)
Larguons les amarres : la crise dont vous êtes le héros !

Let's cast off: the crisis in which you are the hero!

Friday, October 11 | 4:00-4:45 pm

Embark on a crisis whose destiny you will decide... Will you make the right decisions together? Meet us at the Assises

  • Loïs Samain, CISO, EDF Hydro
  • Michel Cazenave, CISO/CSO, PwC France
  • Stéphane Joguet, Global CISO, Sephora
  • Sabine d'Argoeuves, Head of Security Solutions, Identity and Continuity, Kering
  • Odile Duthil, Cybersecurity Director, Groupe Caisse des Dépôts and CLUSIF Director

Meet-ups & workshops

Meetup Les Assises Mentoring

"My first Les Assises" mentoring session

Wednesday, October 9 | 3:00-3:30 pm

You've just arrived, the opening conference is over and you're thinking "where on earth am I going to go?" Don't worry, I'm going to explain everything to you! From best practice to organising your diary, from party management to getting a better overview of the Grimaldi Forum venues, the idea of this session is to get together with new guests, answer any outstanding questions, share your thoughts and help you have a great conference!

  • Hosted by: Loïs Samain, CISO, EDF Hydro
Meetup Les Assises Overview of cyber regulations

Regulatory overview: what's on the horizon for the end of the year?

Thursday, October 10 | 10:00-10:30 am

Let's decipher regulations together! It's true that regulations are not an easy subject to tackle, but they have to be complied with! That's why we've put together an overview of the regulatory landscape, highlighting the key aspects to bear in mind for each key regulation. We'll discuss the business impact of the IA Act, the Cyber Resilience Act, NIS2 and DORA in a pragmatic and operational way. Join us for a stimulating and informative discussion on the regulations shaping the future of cybersecurity.

  • Garance Mathias, Lawyer at the Court of Paris
  • Paul-Olivier Gibert, President, AFCDP
Construire son plan de remédiation après un incident cyber

Building a remediation plan after a cyber incident

Thursday, October 10 | 11:00-11:30 am

The remediation of a cyber security incident is a little-known subject with considerable stakes. On the basis of its operational feedback and its strong expertise, in 2023 ANSSI launched a sharing of its vision of the doctrinal bases in remediation with the ecosystem. After a public consultation, we published a doctrinal corpus “Cyberattacks and remediation” at the start of 2024. While these documents provide a theoretical basis, it is not always easy to put them into practice. In response to this problem, we propose to present the choices structuring a remediation and implementation approach. The presentation focuses on the construction of a remediation plan based on the “Piloting Remediation” guide, which is the operational part of the corpus. Based on concrete examples, the presentation will provide the audience with a common thread for organizing an organization's survival in the face of a cyber incident and structuring its rebound.
  • Prachea Thiounn, CERT-FR, ANSSI / Control Recovery Assistance Office
Saurez vous détecter et exploiter les failles  de l’Active Directory ?

Can you detect and exploit Active Directory vulnerabilities?

Thursday, October 10 | 12:00-12:45 pm & 3:00-3:45 pm & 4:30-5:15 pm

The Campus Cyber Hauts-de-France LM invites you to come and challenge its cyber range and reveal the ethical hacker in you. During this challenge, you will be given a virtual machine to attack a fictitious AD and your mission, if you accept it, will be to find as many vulnerabilities as possible in a limited time.

  • Gabriel Madelaine-Toublanc, Cybersecurity Expert, CAMPUS CYBER Hauts-de-France Lille Métropole
  • Corentin Petrau, Cybersecurity Specialist, CAMPUS CYBER Hauts-de-France Lille Métropole
Quand nos failles mentales ouvrent la porte aux cyberattaques ?

When our mental flaws open the door to cyber attacks?

Thursday, October 10 | 2:00-2:30 pm

According to an IBM study, human error is the main cause of 95% of cybersecurity breaches. In other words, if human error were entirely eliminated, 19 out of 20 security breaches might not have occurred at all. There are 3 reasons for this statistic: the tendency of individuals to overestimate their own intelligence, cognitive biases and, finally, the sense of familiarity built (by design) into AIs to make them easier to use. In this meetup, we'll explore the limits of human (and artificial) intelligence, and in particular the influence of cognitive biases, through concrete, playful examples.

  • Camille Morvan, Cognitive Science Researcher, Harvard and co-founder, Goshaba
Responsabilité juridique : que risquent les RSSI… et leurs PDG ?

Legal liability: what do CISOs - and their CEOs - risk?

Thursday, October 10 | 3:00-3:30 pm

New European regulations (the NIS-2 Directive, the DORA Regulation, etc.) and other local or sector-specific regulations (SEC, New York Department of Financial Services (NYDFS), etc.) provide for the Information Systems Security Officer or senior management to be held liable in the event of a breach of cybersecurity. What is the reality of this legal risk, whether civil or criminal? What measures can be taken to protect against it? What is the scope of a delegation of authority?

  • Nicolas Arpagian, Vice-President, HeadMind Partners
  • Garance Mathias, Lawyer, Paris Court of Appeal
Meetup Les Assises OSINT

OSINT: what the CAC40 top 20 have to hide

Thursday, October 10 | 4:00-4:30 pm

Many employees, including COMEX members, claim they have nothing to hide. Yet, in this talk, we will demonstrate how simple Open Source Information Retrieval (OSINT) techniques can be exploited by criminals. We'll explore how these methods can lead to presidential fraud, compromised information systems, organized protests and even physical attacks on VIPs. The personal and professional information of top 20 CAC 40 executives, harvested via Open Source Intelligence, can have a direct impact on the security of the organization's information systems, as well as on the survival of the company. This session aims to raise awareness among executives of the importance of protecting digital information, and to show how OSINT can be used for malicious purposes.

  • Sylvain Hajri, Founder & CEO, Epieos

The photo album

Relive the highlights of the 2024 edition.

Les Assises 24