Programme of Conferences 2019

How can we accelerate Africa's digital transformation by opening up the field of digital trust to technological innovations through the adoption of remote electronic signatures?

In Africa, the dematerialisation market is booming and is set to grow exponentially over the next decade. By 2025, half of all government procedures could be automated and paperless.
Dematerialisation and the move to all-digital technology, with the adoption of electronic signatures and legal electronic archiving, offer advantages that could profoundly transform the economies of these countries. This digital transformation is accompanied by regulatory issues that enable recognition of the document and the electronic signature, and the establishment of conditions of equivalence between the handwritten signature and the electronic signature. However, compliance with these legal frameworks requires physical means to be "approved" by the supervisory bodies, the use of which reduces the spread of dematerialised processes, limits the cases of use and puts the brakes on the promised digital revolution. Remote electronic signatures offer a number of advantages: very few prerequisites, ease of use, relatively low cost, support for any terminal (computer, smartphone or tablet), etc.

Mastering the risks associated with the digital transformation of businesses

The digital revolution is affecting all major groups, both in their internal operations and in their offerings and customer relations. These transformations are profoundly changing security risks, and creating new ones.
The presentation will focus on practical feedback, presenting the risks analysed and the security solutions envisaged in different contexts.
It will focus on the "issues - approach - results" triptych and will remain neutral with regard to solution providers.

Secure and restrict access to data to achieve maximum security and compliance

Data is now seen as a strategic asset that enables companies to remain competitive and build a relationship of trust with their customers. Data is consumed from anywhere and in real time, but its access and lifecycle must be totally secure. At a time when almost 80% of attacks and data leaks are linked to an internal threat or negligence, it is becoming imperative to ensure the security of data and other strategic assets at source. During this workshop, you will discover how to achieve this objective through the management of privileged access. What our experts have to say will be illustrated by real-life examples and feedback from a CIO.

Round Table: Cyber threats: anticipation and crisis management strategies

Faced with the multiplicity of cyber attacks, many companies would not survive a disruption to their information systems lasting just 3 days. How can we prepare to resist and react effectively in the event of major cyber attacks? What measures should be taken in terms of prevention, protection, detection and response to attacks? Backed up by real-life examples, this round table will give you a better understanding of anticipation and crisis management strategies.

The challenges of detecting and responding to cyber incidents

From malicious acts to crisis management: how to implement a detection strategy. A look back at 3 years of operations within Excellium Services' SOC and CSIRT departments.

Making supervision a performance tool

While it is not possible to prevent attacks, detection capabilities can limit their impact. This requires interconnection with an international ecosystem, machine learning/artificial intelligence tools and an available and experienced remediation capability. Feedback from operations carried out by Orange Cyberdefense for its customers around the world.

How inter-SOC relations can boost incident detection and response capabilities

Testimonials and feedback

Risk Assessment Guide for Confidentiality and Security Teams

Risk assessment as part of vendor management, breach notifications, DPIAs and other activities is essential to ensure compliance with many international privacy laws and security frameworks. Organisations regularly adapt their data protection and security activities based on the results of detailed risk assessments, which raises many questions. How should risk be assessed? What constitutes a negligible, limited or significant risk? How do we define a risk criterion? What is the difference between inherent, current and residual risk? In this session, we will detail the importance of conducting risk assessments under international privacy laws such as the RGPD and other security frameworks such as ISO 27001. In this session, we will also suggest scenario-based approaches to risk assessment and present examples of how to adapt your approaches according to the level of risk.
- Understanding the different approaches to risk assessment
- Learn how to define a risk criterion and how to assess the level of risk
- Discover how to adapt your confidentiality and security programmes using a risk-based approach

Use Case of Cloud services by HUAWEI

Use Case of Cloud services around the world, how telecoms operators are positioning themselves in this market with a Cloud and SoC offering to meet the needs of businesses and support governments in setting up secure Cloud services.

The Art of Threat Research

Cybercriminal activity in underground markets constantly fluctuates in response to different factors, such as real-world market movements or the availability of new tools or technology. Studying the current threat landscape becomes essential to predict the new threats in the future to proactively protect business through the upcoming challenges. Threat research is the real flexible shield which protects our digital world.

Efficient outsourcing of an SOC activity: process, scalability and detection

The complexity of cyber threats, detection platforms and treatment processes means that companies, and in particular vital interest organisations (VIOs), are faced with difficult choices. How can they ensure that their IT systems are effectively protected over time, how can they ensure that they are always at the cutting edge in terms of detection, and what business model should they adopt to control costs? Calling on an outsourced, sovereign SOC capable of protecting the company at all times would appear to be a sustainable, scalable solution, able to offer a range of protection options suited to any size of company. During this workshop, we invite you to come and find out how the process of 'onboarding' a customer within the inwi business SOC is set up, as well as the day-to-day interaction processes for handling alerts and implementing corrective measures. The workshop will last 1.5 hours and will involve a simultaneous connection with the inwi business SOC in Casablanca.

Have you ever had to defend yourself against a DDoS attack, reducing your connectivity and availability? Do you think it won't happen to you?

Join the leading provider of DDoS defence solutions for an afternoon of learning critical DDoS defence techniques.
You will learn how DDoS countermeasures work, followed by a role-playing session in which you will be the defender and the attacker in several series of wargames.
Your conclusion will be to know how the attackers act and how to use many of the current best practices in defending against DDoS attacks.
A unique opportunity to practice network security defence in the field!
When: 14 June 2019 Where: Marrakech
This half-day session includes a condensed transfer of knowledge designed to help you fully understand countermeasures and how to implement them in the context of an active DDoS attack. Afterwards, users should be ready to use their 'A' game to try and defend their site against DDoS attacks. Throughout the session, you will have the opportunity to be both the attacker AND the defender in several rounds designed to highlight operational best practice in defending against DDoS attacks.
Places are limited and reserved for end customers. ID will be required at the start of the session.

Mehdi has several years' experience in IT security. In 2012, he started out as a security consultant for HP, NEXTIRAONE and SCC, where he worked on a number of integration and security architecture projects and intrusion audits. This experience enabled him to develop the versatility needed to address a security project in its entirety. At the same time, he became interested in pre-sales. Since 2018, his mission has been to help customers meet the challenges of managing privileged accounts on the African and Middle Eastern markets.

Over 24 years experience leading ICT/Business Transformation strategies and successful program Sales within the telecommunications industry and Enterprise in Europe and Middle East
with strong client and inter-personal communication experience incorporating Direct Sales/Indirect Sales, management & Account Management at international levels, having a strong experience and background on cloud computing, and ICT innovation professional focused on business value; brings experience, creativity, structure, motivation, & agility. Over 24 years of ICT experience,
Served sectors include Telecom and Enterprise in Europe, Middle East and Africa .
Mr. Chakib Achour worked in the past for Oracle, IBM Europe, Alu, SAP and Accenture before to join Huawei.

Nicolas Arpagian is Director of Strategy and Public Affairs at Orange Cyberdefense.
He teaches at the Ecole Nationale Supérieure de la Police (ENSP) and lectures at the Ecole Nationale de la Magistrature (ENM).
He is a member of the Advisory Board of the Institut Diderot.
He founded and directed the Digital Security Cycle at the Institut National des Hautes Etudes de la Sécurité et de la Justice (INHESJ), a public institution reporting to the French Prime Minister.
He is a Director of the ACYMA Public Interest Group, which manages the government platform www.cybermalveillance.gouv.fr, and a Director of the Alliance pour la Confiance Numérique (ACN), which brings together the main economic and technical players in the security sector.
Nicolas is the author of a dozen books, including :
- La Cybersécurité" in the Que Sais-Je? collection published by Presses Universitaires de France (PUF).
- What digital threats in a hyperconnected world?", Institut Diderot, 2018.
- L'Etat, la Peur et le Citoyen (The State, Fear and the Citizen), Editions Vuibert
- La Cyberguerre - La guerre numérique a commencé", Editions Vuibert.
- Liberté, Egalité...Sécurité", Editions Dalloz.

Christophe is the Co-Founder and Managing Director of Excellium Services. He is also the CTO of Excellium Security, the new Moroccan entity of the MED-TECH Group, with which Excellium has formed a technological partnership. Prior to joining Excellium, Christophe was Vice President and General Manager for the Europe, Middle East & Africa region at Qualys.com.

Hamed Diab joined ForeScout Technologies in 2016 as Regional Director for Middle East, Eastern Europe and Africa. In this role, he provides strategic and commercial leadership for ForeScout's private and public sector programs in the region.
Prior to joining ForeScout, Hamed led the MENA Sales team at McAfee, served as General Manager with 3COM Middle East and held several leadership roles in Hewlett Packard Corporation ranging from Country Sales Management to Regional Sales Management.
Hamed is a recognized technology leader known for his strategic vision on how to achieve business goals; and passionate about helping organizations to embrace the proliferation of IoT devices and cloud adoption to enable better service and protect customer data. He regularly participates in speaking engagements on continuous monitoring, visibility, access control and automation.

Loubna has several years' experience in IT security and telecoms. In 2012, she joined WALLIX as a pre-sales representative in charge of international sales. This position enabled her to develop her versatility and build up a substantial network of contacts. At the same time, she became interested in business development. Since 2017, her role as Maghreb Business Manager has been to build and consolidate WALLIX's presence on the Maghreb market.

An engineering graduate of the Ecole Supérieure l'Informatique Electronique Automatique, Hervé is a recognised expert in France in risk management and information systems security. He has been working with major European groups for twenty years on issues relating to IT risk management, security, business continuity, fraud, business intelligence and ethics. Before founding Formind in 2010, a consultancy specialising in security and risk management (105 consultants to date), he was successively Head of the IS department at Solucom and Managing Director of XP Conseil within the Devoteam Group. In addition to his assignments, Hervé is a regular speaker at conferences and interviews.

As Threat Research Engineer in Trend Micro research lab in Toronto, Canada, Mina Naiim focuses on modern threat landscape, advanced malware, and threat response process. - Mina joined Trend Micro in the early part of 2017 and he is now holding the role of Threat Research Engineer where he is researching the most advanced malware mechanisms in order to develop solutions to protect Trend Micro customers. Mina has a recognized history in delivering enablement and training sessions to organizations about the new attack vectors and the incident response strategies. - Mina recently relocated from Cairo, Egypt to Toronto, Canada. He holds a Bachelor in Electronics and Communications Engineering from the University of Alexandria and joined research projects with different universities.

Mohammed NAJAM is a recognised expert in cybersecurity, particularly in the field of digital trust, thanks to over 18 years' experience. Within Bull and then Atos, he has held a number of senior positions in hardware and software security solutions, consulting, business development and project management. Over the past ten years, he has supported customers in North Africa and French-speaking Africa in their digital transformation, offering advice and delivering high added-value projects: implementation of trusted infrastructures to meet the security challenges associated with digital identity management, authentication, electronic signatures and legal archiving.

Sylvain Saubrement is a member of the Global Alliances team at OneTrust - the largest and most widely used dedicated privacy management technology platform to operationalize privacy, security and third-party risk management. In his, Sylvain supports unique Partner Programs offering resources and recommendations to over 50 global law firms and consultancies that leverage the OneTrust platform to deliver robust regulatory compliance solutions to their customers. Sylvain is a Certified Information Privacy Professional (CIPP/E) and has an International Business Degree from KEDGE Business School in Marseille, France.