Teaser Retrospective Description In a world where critical infrastructures are increasingly dependent on digital technologies, the cybersecurity of operational technologies (OT) and industrial control systems (ICS) is a crucial issue. My presentation will cover the following points: Definition and importance of industrial cybersecurity: What is industrial cybersecurity, and how does it differ from traditional IT cybersecurity? Why has it become a priority for organizations? Panorama of past TO attacks: An overview of major attacks on critical infrastructures and their devastating impact (Stuxnet, Sandworm, etc.

Teaser Retrospective Description AI is rapidly transforming the world and is poised to revolutionize industries as profound as the Internet, electricity and printing. As a cybersecurity expert at Google, I’ve gained insight into the emerging AI security landscape. Interacting with customers who are implementing AI within their organizations, I’ve seen the breadth of AI security challenges that permeate every aspect of a company’s operations. This session will delve into my experiences at Google, highlighting the urgency of AI security preparedness and equipping you with strategies to proactively address these challenges.

Teaser Retrospective Description As a dynamic and constantly evolving field, cybersecurity requires rapid, informed decision-making. However, an often underestimated aspect of this process is decision fatigue, which can compromise the quality of strategic and operational choices in IT security. This presentation will look at decision fatigue, its specific impact on cybersecurity professionals, and offer concrete strategies for overcoming the challenges of the field without being overwhelmed. Real-life experiences will be shared, illustrating how decision fatigue can negatively influence security operations such as incident management, vulnerability management and offensive security activities.

Teaser Retrospective Description During 2023, Chinese interference in Canada was at the heart of the news. On the digital side, “APTs” attacker groups linked to China have been particularly active, conducting numerous cyberespionage operations. Researchers at ESET – a major provider of security solutions with a research office in Montreal – have acquired expertise in the analysis and intelligence of cyberattacks attributed to China. We have thus identified cyber espionage operations against governments, strategic companies (defense or high technology sectors for example) and individuals linked to the “five poisons” (activists for the independence of Taiwan, the Uighurs, the Tibetans , Falun Gong and pro-democracy activists).

Teaser Retrospective Description Technology is now everywhere and omniscient! It then allows for oppression, violence and even worse in certain conditions and in all spheres of human life and we will see that the spectrum is large and the borders are grayer or even non-existent. Moreover, all this affects all age stages from 7 to 77 years old, there are no longer many limits here either. We will travel this winding and more than rough path in order to know what we expose ourselves to and especially how we expose others and sometimes without really wanting to hurt either.

Teaser Retrospective Description Cybersecurity and compliance are two essential aspects of data management and information protection in today’s digital world. This presentation will explore in depth the links and nuances between these two areas crucial to the security of businesses and organizations. Nadhir Khayati Founder & CEO - Socurely

Teaser Retrospective Description The presentation will shed light on the behind-the-scenes of scientific research by exploring the need to understand and analyze previous studies that arrive at results divergent from ours. Two case studies will be presented. In the first case, we question researchers who claim to observe an increased risk of being a victim of cybercrime during the holiday season. In the second case, we will refute a study which mentions that attackers only use leaked passwords exclusively to carry out brute force attacks.

Teaser Description A true story of the discovery of a Korean “spyware”, which was unknowingly a precursor to new regulations in terms of mobile app privacy. The aim of the story is to highlight the importance of the new privacy laws and expose bad industry practices. These lead to interesting discoveries affecting both companies and their employees in their personal lives. About the speaker Mickael Nadeau Co-Founder CEO/CTO - CYBERDEFENSE AI

Teaser Description Discover one of the most significant phenomena of the technological era: the integration of generative Artificial Intelligence in the field of cybersecurity. The year 2023 was a watershed year, seeing many cybersecurity players adopt this technology to increase analyst productivity, automate processes and refine threat detection. This conference will plunge you into the heart of this revolution, addressing the dazzling speed of the evolution of generative AI and the challenges it raises: from the mitigation of hallucinations to questions of costs and licensing, without forgetting the issues of legal responsibility in an often vague legal framework.

Ensuring security through rapid data analysis Learning to analyze data at the speed of the business will ensure your security, fraud, and compliance teams can detect and investigate unwanted activity to quickly find anomalies and reduce loss of resources, reputation, and organizational efficiencies. Explore the world of data through your senses and learn how to search for anomalous behavior, transactional anomalies, and leverage Machine Learning (AI?) to experience data. About the speaker Matthew Joseff At an early age, Matthew had a passion for computers and game theory; he started out setting up computers at trade shows and managed an ISP while at university.

Teaser Retrospective Description The architectures developed over the last two decades are riddled with dark corners and weaknesses that open the door to cybercriminals. When we consider that the goal is to have greater visibility of what’s going on in the environment, we need to rethink the technology selection process to ensure maximum integration. “Less is more”, Simplify, to maximize compatibility, reduce blind spots and, above all, enable operations teams to delve deeper into the selected technology portfolio, instead of mastering a centimeter deep by 1 km wide.

Teaser Retrospective Description While nowadays subcontracting in companies is omnipresent, sometimes even in extreme proportions, this presentation will provide an overview of the issues specific to risk management in a subcontracting context. Starting with the origins of outsourcing and the reasons why companies end up entrusting sometimes critical services to partners, the presentation will address the risks represented by the different types of subcontracting. Using real cases of recent attacks as well as the entry into force of certain regulations, questions on the security of data entrusted to partners will be presented.

Teaser Retrospective Description During this presentation, the speaker will walk you through an investigation of a realistic incident representative of the attacks currently observed on this type of environment (AWS). Through this fictitious investigation, a review of the native security controls and their importance will be performed. Additional Open-Source tools, useful in the context of an investigation, will also be presented. The following topics will be covered: network security, logging, automated response, intrusion detection, privilege abuse.

Teaser Retrospective Full conference Description Are you curious to know “How to fail your crisis management”? Great! You’ve come to the right place! We will show you the 8 most effective strategies to sabotage your crisis management, but not only! Because crisis management is serious! We’ll also give you 9 keys to successful crisis management. You will then be able to watch others get their feet wet and say to yourself “oh my, I wouldn’t do that!

Teaser Retrospective Full conference Description The importance of integrating Cyber Threat Intelligence (CTI) into the defense plan of any organization that has reached a certain level of maturity in cybersecurity is clear. CTI allows to enrich existing tools to increase threat detection & identification capabilities and to add context around new attacks to be able to decide the best actions to take to protect against them. If a lot has been said about the use of CTI from the point of view of organizations that use it (or should!

Description Come to the conference to see and hear what Dimitri McKay has in store for us! About the speaker Dimitri McKay Principal Security Strategist / CISO Advisor Dimitri McKay has held a list of positions in the security space through his twenty plus years of working with Fortune 500 companies in and around security best practices, architecture and design. His education began at Harvard University, and continued with a number of acronymed certifications.

Retrospective Full conference Description Remote Desktop Protocol (RDP) allows users to connect to computers remotely. The pandemic has dramatically increased the number of people using RDP services to work from home. The high number of computers accessible via RDP and the popularity of default usernames and weak passwords have made RDP a prime entry point for hackers seeking to break into an organization’s network. As a result, it is likely that any computer exposing RDP to the Internet is of interest to malicious actors and is susceptible to frequent attacks.

Retrospective Full conference Description Remote Desktop Protocol (RDP) allows users to connect to computers remotely. The pandemic has dramatically increased the number of people using RDP services to work from home. The high number of computers accessible via RDP and the popularity of default usernames and weak passwords have made RDP a prime entry point for hackers seeking to break into an organization’s network. As a result, it is likely that any computer exposing RDP to the Internet is of interest to malicious actors and is susceptible to frequent attacks.

Teaser Retrospective Description Bitcoin “crap” or gold in bar!!! :) About the speaker Franck Desert Cloud Security, CTF Designer, Dev Architect Sr, Innovation R&D, Speaker Franck Desert (aka Phenix for CTFs) 30 years already in development and security. Security analyst and organic architect by day and by night he invests his time in the Cloud and in all the new gadgets in order to play, break and learn to try to concoct Prez and CTFs that he hopes you will like.

Teaser Description For years we have heard “it’s not ‘if’ we will suffer a cyber attack, but rather ‘when’”. This sentence is true and it makes sense, but we also underestimate what happens from day 0 of the incident and in the months and years that follow… By dissecting the different phases experienced following a major cyber attack on his organization, Alex will share his experience and his findings that have changed his perceptions on the management of major cyber attacks beyond the technical aspects and theory.

Teaser Retrospective Description Join us in our overview of different attack vectors studied by the Unit42 research team at Palo Alto Networks and how a DevSecOps approach can help bring security and development teams together and implement the continuous loop of hybrid cloud posture improvement. Docker, Kubernetes, Azure, GCP, SCM, CI/CD and GitOps will be on the menu to unify two traditionally parallel teams. About the speaker Kevin C-Dubois Architecture consultant - Cybersecurity

Teaser Retrospective Full conference Description Over the last decade, the Zero Trust Architecture (ZTA) has become the new standard for IT security: while the basic concepts of ZTA have remained unchanged, the architecture itself has evolved significantly over the same period to add identity, systems, contextual telemetry, feedback loops, continuous assessment, etc., to the initial micro-segmentation concept. Having accompanied many companies in their efforts to deploy their ZTA over the last 10 years, we must admit that few of them have been able to implement it despite their real desire to adopt it.

Teaser Retrospective Description Several cyber attacks such as NotPetya, Industroyer or BlackEnergy have targeted Ukraine for almost 10 years and tried to paralyze essential sectors of the territory. The 2022 invasion of Ukraine was also accompanied by numerous cyberspace operations. ESET is a leading provider of security solutions in Ukraine. Its research teams, including its including its Montreal office, have been on the front lines of analyzing and responding to these attacks.

Teaser Retrospective Description Several cyber attacks such as NotPetya, Industroyer or BlackEnergy have targeted Ukraine for almost 10 years and tried to paralyze essential sectors of the territory. The 2022 invasion of Ukraine was also accompanied by numerous cyberspace operations. ESET is a leading provider of security solutions in Ukraine. Its research teams, including its including its Montreal office, have been on the front lines of analyzing and responding to these attacks.

Splunk

Splunk

In-Sec-M

Crise et Résilience

GoSecure

Cyberswat

Fortinet

Hackers Without Borders

PolySécure

Prompt

Cyber Eco

PolySécure

Cyber Eco

PolySécure

Teaser Description A domain name (NDD in French abbreviated notation or DN for Domain Name in English) is, in the domain name system “DNS”, an internet domain identifier. There is often confusion between Domain Name (NDD/DN) and the Domain Name System/Protocol (DNS) this is surely due to an abuse of language and there are more than 40 of them now. A few years ago, when the Internet was in its infancy, the only way to access the site you wanted to visit was to enter the IP address, that long series of numbers, into the window of your Navigator.

Alithya

GoSecure

Cyberswat

Crise et Résilience

Fortinet

PolySécure

Prompt

Cyber Eco

PolySécure

Cyber Eco

PolySécure

Splunk

Splunk

In-Sec-M

Alithya

Hackers Without Borders