PROGRAM
2024
The event program will be complemented by keynotes and conferences from our partners and contributors.
INFOSEC
PANEL
Integrating machine learning into DevOps processes offers new perspectives for enhancing operational efficiency and software quality. The successful adoption of machine learning in DevOps environments requires close collaboration between development, operations, and data teams. As the future of computing is characterized by the programming of computer systems capable of autonomously generating programs, it is important to find ways to secure this evolution to the best extent possible. The common goal is achieving security and innovation.
PANEL
If an attacker manages to gain control of LDAP directory services, they can potentially compromise the entire IT environment by accessing sensitive information, altering access permissions, and disrupting critical systems. What are the challenges and constraints of protecting these tools upstream of a potential attack, and during the recovery phase after an attack? How can a consistent and optimal configuration between online and on-premises directory services be achieved?
PANEL
The increasing automation of Security Operations Centers (SOCs) raises essential questions regarding its extent and the role of artificial intelligence within SOC solutions, notably Security Information and Event Management (SIEM) systems, User and Entity Behavior Analytics (UEBA) technologies, and Security Orchestration, Automation, and Response (SOAR) platforms. While AI can expedite threat detection and incident response, does human expertise remain irreplaceable for interpreting, anticipating, and making responsible analytical decisions?
PANEL
With the increasing adoption of cloud services, concerns arise regarding the location and control of data stored in the cloud. The use of sovereign cloud services can sometimes limit provider options, leading to reliance on a single provider and long-term migration or interoperability challenges. How can security, scalability, and autonomy be reconciled in cloud computing?
PANEL
Similar to diversion on the traditional battlefield, decoy tactics aim to deceive adversaries by making them believe they are attacking or infiltrating a specific system or area, while in reality, they are directed to a controlled environment where their actions can be monitored and analyzed. Deception, decoys, and invisibility techniques in cybersecurity permit the diversion of the attention of real targets and/or trapping attackers to better identify and counter them. Solutions do exist to enhance protection by employing these strategies, but are they sufficiently implemented?
PANEL
In order to combat cybercriminals targeting the weakest links in the chain, it is necessary to impose continuous monitoring and mandatory incident reporting to third parties. How can access and privileges of various actors in the supply chain be securely managed? How can complete visibility into different actors of the supply chain be obtained to effectively detect and respond to potential security threats before they occur? What is the appropriate way to manage the security of “third parties” using solutions such as scoring or auditing?
PANEL
Zero trust is sometimes seen as a trend, a marketing innovation that has revitalized old technologies such as Privileged Access Management (PAM) and Multi-Factor Authentication (MFA). However, it also represents a genuine innovation in usage, combining these technologies with network micro-segmentation and elements of behavioral analysis (UEBA, User & Entity Behavior Analytics), cloud access policy management (CASB, Cloud Access Security Broker), mobile device management (EMM, Enterprise Mobility Management), incident response orchestration (SOAR, Security Orchestration, Automation and Response), and more. How can organizations effectively implement a zero trust security strategy while leveraging prior approaches?
Cybercrime
PANEL
EDR (Endpoint Detection and Response) solutions were utilized by 90% of companies in 2023. Despite their effectiveness, there is the emergence of bypass techniques that must be fully appreciated in order to leverage solutions. What are these techniques, and what can be learned from the best practices to guard against them?
PANEL
Incident response is akin to a combat sport. To defend effectively, one must train facing real attackers. This is the purpose of “Blue Team / Red Team” sessions, sometimes supplemented by “Purple Teams”, within the company or through dedicated operational training centers. The blue team defends, akin to soldiers protecting their territory, while the red team attacks, testing the effectiveness of the defenses in place. The purple team analyzes and optimizes, enhancing tactics. It’s a continuous cycle of learning, adapting, and improving for flawless security. How does one train effectively? Which platforms are the most successful and how often should they be used??
PANEL
The digital revolution has profoundly transformed the landscape of investigations and forensics, infusing an unprecedented digital dimension and an unmatched volume of data. In this context, AI can become an ally to investigators in collecting, indexing, and analyzing this data. What changes should investigators anticipate in this new digital landscape? How can they keep pace with emerging technologies while ensuring the integrity and traceability of evidence? How can they adhere to privacy laws while investigating and prosecuting effectively?
PANEL
Deepfake, deep voice, and vishing: just three of the growing number of new phishing techniques that use AI to create lifelike text, voices, images, and digital characters. The result is virtually undetectable phishing scams. Gartner estimates that 20% of all phishing attacks will use AI tools. What are the best protection mechanisms ? What organizational processes need to be put in place? What solutions are available and/or recommended?
PANEL
Cyber Threat Intelligence (CTI) provides organizations with the necessary elements to detect malicious actions. AI automates the analysis process but can generate false positives due to complexity and lack of context. It also requires a significant amount of data and ongoing training to remain effective. How can AI models adapt to new tactics of cybercriminals? How can effective collaboration between intelligence and security teams be encouraged?
PANEL
Advanced Persistent Threats (APTs) pose a significant challenge to corporate cybersecurity. Attackers are often more experienced and employ sophisticated strategies backed by substantial financial resources. These cyberattacks specifically target organizations to infiltrate discreetly and persistently, exfiltrating sensitive data. Some attackers may remain within a system for years before being detected. What tactics are used to penetrate networks? What advanced methods of detection and response can be deployed o these targeted intrusions?
PANEL
In 2024, the ransomware threat evolves, leveraging innovative attack vectors and increasingly sophisticated extortion techniques. Organizations must anticipate these emerging tactics to remain resilient against digital threats. What are the best practices for detecting and avoiding such attacks? What new challenges must cybersecurity experts anticipate to stay one step ahead of cybercriminals?
OT SEC critical infrastructure
PANEL
The pervasive presence of legacy systems in the operational technology (OT) architectures of many industries poses significant security challenges due to their age, lack of vendor support, and inability to timely receive updates and patches. Therefore, how can these entities be effectively protected? How can cybersecurity strategies be adapted to meet the unique needs of existing industrial systems, considering the constraints related to their extended lifespan and the diversityof technologies used?
PANEL
Embedded systems are subject to strong constraints such as integration, real-time computing, robustness, reliability, and energy efficiency. What is the reality of the threat to these devices? Have manufacturers truly grasped the extent of it? Are the integration and maintenance constraints of these systems compatible with the traditional vision of cybersecurity, or do they necessitate a new paradigm?
PANEL
Operational technologies are the latest area of highest vulnerability as they areoften interconnected with other systems and increasing the attack surface. Vulnerabilities in these systems can therefore be exploited to compromise other parts of the network. Patch deployment is more complex and prone to human errors in the OT field, as some operational systems lack automated or user-friendly update mechanisms.
What proactive collaboration strategies can be implemented with suppliers and manufacturers to ensure continuous updates of security patches and encourage the development of robust solutions from the design stage?
PANEL
Properly segmenting industrial networks into distinct zones enhances system security while improving visibility into network activities. With this approach, companies can better anticipate and counter threats, thus ensuring operational continuity. How can this segmentation be seamlessly integrated into existing production processes while minimizing operational disruptions?
PANEL
How can the Internet of Things networks be secured when used in industrial environments? How does one minimize potential entry points for attacks? How can security measures such as securing IoT devices, network segmentation, and traffic monitoring be implemented to mitigate the risks of exploitation by malicious actors? How do Attack Path Management solutions enable companies to gain better visibility into their assets and environments, and what does this visibility yield?
PANEL
As cybersecurity for industrial sites begins to rank among the top priorities for executive leadership, what approaches should cybersecurity managers adopt? What human barriers and personnel awareness need to be overcome to facilitate change management? What internal organization is most suitable to address risks? What are the specific challenges faced by OT CISOs?
Intelligent Mobility
PANEL
From regulatory perspective to operational perspective, the panel will address the cybersecurity risks associated with the supply chain, including third-party vendors, suppliers, and contractors. The panel will discuss strategies for assessing and managing supply chain risks to protect critical infrastructure and their related systems.
PANEL
Discuss the importance of collaboration among maritime, aviation and aerospace stakeholders, including suppliers, operations, and regulatory bodies to include the benefits of, sharing real-time cyber threat intelligence to strengthen defenses against cyber attacks, and best practices.
PANEL
Explore the challenges and strategies for ensuring the safe operation of unmanned vehicles. With a focus on cyber resilience, discussions will address essential safety measures, necessary oversight, and promising technological advances in this ever-evolving field.
PANEL
Examining the interrelationship of safety, security and cybersecurity management systems in the aviation sector, with a focus on governance and risk management. This h discuwill address synergies, challenges and best practices to ensure efficient and safe operations in a highly regulated and technologically complex aviation environment.
PANEL
Exploring the implications of precise aircraft positioning on a global scale and highlighting the critical role of satellite communications in this dynamic, discussions will focus on the benefits and challenges associated with these services, as well as the imperativeto strengthen cybersecurity as part of these services to increase the reliability and safety of flight operations in the age of global connectivity.
PANEL
This panel will examine the critical cybersecurity issues in the maritime industry as it integrates artificial intelligence (AI) and technological developments. Discussions will focus on the specific challenges associated with this transformation, as well as strategies and best practices for ensuring the resilience of maritime systems in the face of growing global cyber threats across the seas.
Trust & Safety
PANEL
The trend is towards decentralization of digital identity. Some national and international initiatives aim to harmonize electronic identification practices and make life easier for citizens, even facilitating cross-border exchanges. How can universal authentication be reconciled with the respect of privacy? What solutions are being considered? In what ways can AI and blockchain contribute to a decentralized and secure digital identity?
PANEL
Online child safety is a major societal issue. Implementing security by design is a practice that should be mandatory in technology companies. It is also a legal requirement in some countries. What is the state of the measures in place? What are these best practices? What does security by design mean in terms of operational and organizational measures? How can children be better protected?
PANEL
In the age of hacktivism, misinformation and propaganda, informational chaos is breed, and fear and confusion are sowed. Cybercriminals, as well as nation-states, seek to promote deceptive narratives and to capitalize on all humanity . What is the role of hacktivism in the cyber threat landscape? What strategies can be adopted to navigate this turmoil to global citizens? How can manipulation tactics be identified and thwarted?
PANEL
In a constantly evolving digital world, personal data has become currency. , Transparency and ethical responsibility are essential for building true digital trust if digital efficiencies are to continue. What are the main ethical dilemmas faced online when there is a need to share personal sensitive data? What can be done to promote and establish a culture of digital ethics? Can there ever really be an expectation to achieve digital ethics and accountability, in light of anonymous online activity?
PANEL
Digital fraud has become a major issue in our hyperconnected society, where online transactions are ubiquitous. Fraudsters employ complex social engineering schemes and now leverage AI to deceive both victims and protective systems. What proactive methods can be employed to identify and counter online scams? What prevention strategies exist?
PANEL
Protecting data while thriving in business is a delicate but much needed balance in today’s digital landscape. Companies are faced with the need to ensure the privacy and security of their customers’ data while continuing to innovate and grow. What are the best practices for striking the right balance?
NEW TRENDS
PANEL
While current encryption methods are nearly impossible to decipher for traditional computer systems, quantum computers can quickly and easily decrypt classical encryption algorithms, and in turn, greatly endanger sensitive data. Quantum computing has a promising future in its virtuous applications but is also a threat to data security and privacy. How can one prepare for this quantum revolution, and how can oneensure a smooth transition to post-quantum cryptography while ensuring interoperability with existing systems and protocols?
PANEL
Tokenization provides increased protection of sensitive data by limiting direct access, thereby reducing the risk of compromise and enhancing confidentiality. What are the best practices for managing the lifecycle of tokens, including their creation, storage, transmission, and destruction, to optimize data protection? Is there a strategic value of tokenization?
PANEL
Fintech companies, which sometimes lack resources and expertise in cybersecurity, face significant challenges in digital trust due to their digital nature and interaction with sensitive financial data. How can fintech revolutionize the financial landscape while ensuring data protection, increasing confidence, and paving the way for increased security practices?
PANEL
The innovations of Web3 offer the prospect of accelerating asset exchanges and establishing a closer connection between the real and virtual worlds. However, the absence of standards and a central authority underscores the urgent need to develop an appropriate framework for risk management. Should there be standards, and if so, are they achievable in a decentralized world?
PANEL
Is this a sweet dream? In 2030, digital solutions and services will provide comprehensive protection against cyber threats. With advanced artificial intelligence and international collaboration, incident responses are instantaneous, and critical infrastructures are resilient. Technological advancements will enable early threat detection, while quantum cryptography will ensure impenetrable confidentiality. Let’s explore with foresight experts what the future truly holds!
PANEL
AI offers significant advantages in terms of intelligence gathering and analysis, decision-making, and even combat operations for example with the use of drones, robots, and autonomous systems. What are the realities of using AI in military systems? What security considerations are at stake? What ethical principles and regulatory frameworks should be followed? Is it appropriate? Can it be reversed?
MAIN STAGE
Unite InCyber
PANEL
Trust is crucial for the adoption and integration of technologies, particularly in artificial intelligence. Therefore, it’s essential to define precise criteria for reliable AI. Regulations are multiplying globally, with over 1,600 public policies and strategies in place. However, regulation remains a complex challenge requiring constant attention to protect privacy, human rights and ensure ethical AI use. States, creators, and users have a crucial role to play in utilizing and developing trustworthy AI with integrity. across geographic boundaries.
PANEL
In the era of AI, the role of the CISO is evolving to encompass the increasing need to adaptemerging technologies, and the transformation of security practices and collaboration. Tight budgets, a more complex threat environment, advanced AI tools, new regulatory requirements, and increased anxiety present cybersecurity leaders with a unique mix of challengesand opportunities to be drivers of growth for the company. Their role extends beyond threat protection and towards fostering innovation and business growth. Through their leadership to adoptsecure technologies, what strategies can be employed to address these challenges?
PANEL
The use of cyberspace as a weapon in conflicts, such as the Russian invasion of Ukraine, represents a historic turning point. The parties involved exploit this digital weapon to destabilize the enemy through disinformation and the destruction of vital targets. The concept of cyber resilience becomes paramount in this ever-evolving landscape of survival. What lessons can we draw regarding national security resilience? What strategies should be adopted to strengthen their security posture in cyberspace?
PANEL
With the rise of AI and advanced technologies, strategies must adapt to counter increasingly sophisticated attacks. In the face of cybercrime, international cooperation among police services and judicial authorities is taking shape, as evidenced by numerous international operations. However, discussions at the UN on the Cybercrime Convention are stalling and reveal a divide over the vision of what constitutes a cyber threat and attack. What are the recent advancements in the Budapest Convention framework? What were the outcomes of the ransomware conference organized by the United States in October 2022? What is the assessment of operations conducted by Europol? What are the achievements and limitations of the global strategy initiated by Interpol?
PANEL
Canada, with Bill C-26, is enhancing the security of essential systems and imposing new cybersecurity requirements. The EU, through the NIS2 directive, is establishing measures for a high level of cybersecurity, improving cooperation, and sharing threat information. In the United States, the NIPP fosters collaboration between the government and the private sector to manage risks and achieve security and resilience. These regulations converge towards a common theme: unifying efforts to secure critical infrastructure against cyber threats. What are the impacts on businesses affected by these directives? What insights into best practices can this cross-perspective provide?
PANEL
Whether in the air, on land, or at sea, intelligent and connected transport systems are vulnerable to cyber risks, potentially threatening human lives. The critical nature of these systems requires enhanced international cooperation, the adoption of stringent security standards, and the development of advanced defense technologies. These measures are essential to protect critical infrastructure and ensure the safety of passengers and goods in an increasingly automated world. What are the risks associated with the growing interconnectivity of autonomous vehicles, interconnected transportation systems across geographic boundaries and how can they be mitigated?