Passer au playerPasser au contenu principal
Vivatech
  • il y a 2 jours
From Recognition to Regulation: Building Cyber Resilience

Catégorie

🤖
Technologie
Transcription
00:00OK, good morning, everyone.
00:02Who's enjoying Viva Tech this morning?
00:06The audience, come on, audience, come on, audience, come on.
00:10My name is Myram Zaidi, I'm an international news presenter,
00:12and it's my pleasure to be hosting a debate on the black stage.
00:16I've been on the blue and the purple, so now we're on the black.
00:20So, you can see these lovely panellists here,
00:23and we're going to be talking about recognition to regulation,
00:26building cyber resilience.
00:28Now, NATO's Secretary General Mark Rutter said this week
00:30that we need a quantum leap in collective defence.
00:33Today, that idea of defence goes beyond these stockpiles and arsenals,
00:38and perhaps we'll look towards cyber security.
00:41The question we're asking is, you know, is it the new frontier
00:43where power can really be harnessed, but also perhaps corrupted?
00:47Now, the private sector is really a prime target
00:50for sophisticated foreign actors and rising AI-driven attacks.
00:53So, the question that we will be asking the panellists is,
00:56how can businesses better align strategies, of course, with the risks,
01:00what collaboration needs to be in place,
01:02and importantly, how is AI and cyber security risk
01:05reshaping corporate decision-making?
01:08It's really my pleasure to welcome you all to our panellists.
01:11We have Despina Spannou, obviously from the European Commission.
01:14She's a cyber security coordinator.
01:16We have Jamal Basrir, the Partner Leader for Cyber and Cloud Transformation at PwC.
01:23Welcome.
01:24And last but not least, we have Pascal Sekheli,
01:26the Director of Solution Engineering at Splunk by Cisco.
01:30Round of applause, please, for the panellists.
01:33Yeah.
01:34Fantastic.
01:35Okay, so I'll go down the line,
01:36and if you all can just introduce yourselves to the audience
01:39and a little bit about what you do.
01:41Yes, good morning, everyone.
01:42I'm Pascal Sekheli.
01:43I'm leading the technical teams here in France,
01:47as you can expect with my good French accent.
01:52So, Splunk is a U.S.-based software company,
01:55and now we are part of a larger family called Cisco since one year.
02:02And at Splunk, we provide software solutions, data platforms,
02:09especially highly specialized about cyber security.
02:12So, I think that's why I've been invited on that stage.
02:17And we collaborate and we work daily with our customers
02:21and our partners on their resilience challenges.
02:26And our customers are both private and public sectors in all industries.
02:34So, we engage daily with cyber security teams,
02:38but also compliance teams.
02:39So, everyone professional who is engaged on implementing
02:45and ensuring compliance with regulators.
02:51So, maybe, as you can see,
02:55I'm an old generation, the only one with paper notes.
02:58So, maybe a second step with my French accent.
03:03This spinner, over to you.
03:05Good morning, everyone.
03:07Thank you for being here.
03:08We appreciate it,
03:10because we know there are a lot of interesting things around.
03:12So, I work in the European Commission.
03:14I've been in the area of security for the last eight years,
03:16and I've experienced the preparation and negotiation
03:20of all this legislation that we're talking about
03:24and that we'll talk about today.
03:25And right now, I'm coordinating cyber security
03:28in the part of the technology department of the European Commission,
03:33bringing together all security elements
03:35and all technology issues.
03:40Good morning, everyone.
03:41So, my name is Jamal Basriar.
03:43I'm a partner at PwC.
03:45So, PwC is an international firm
03:49specialized in audit,
03:51but also in advisory and consulting services.
03:54So, I lead the cyber practice of PwC
03:59for France and Maghreb.
04:00I've been in the technology industry for 20 years,
04:05started my career in the telecommunications industry
04:08and then switched to the consulting
04:11and focusing on cyber since 2014.
04:17So, I'm really enthusiastic for this conversation.
04:21I think it's at the top of the agenda
04:23of our organizations today.
04:26So, really looking forward to this discussion we'll be having.
04:29Indeed, I'm looking forward to hosting all of you
04:33in this debate as well.
04:34So, Despina, I'm going to come to you first.
04:35And by the way, I'm also part of the Brussels bubble as well.
04:38So, we are comrades in that.
04:40So, I will come to you first then.
04:42So, we know the role of the European Commission
04:45is really to provide all of these great tools,
04:47the regulatory legislative tools,
04:49for their member states.
04:51And so, if we start things off,
04:53if we're looking at, you know,
04:54the crux of the debate,
04:56obviously the starting point is always
04:57to understand the risk.
04:59And the EU, as we all know,
05:01always has an arsenal of legislation,
05:03whether you're looking at DORA,
05:05the Cyber Resilience Act, the AI Act.
05:07But does this really do enough
05:09to create a security culture
05:13that provides that safety net
05:16for all of the companies
05:17and, you know, everyone falling with
05:19underneath the European umbrella?
05:22There is an interesting paradox.
05:25And I'll speak like a lawyer for a minute,
05:28if you allow me.
05:29All this legislation you mentioned,
05:32so the NIS directive,
05:33the Cyber Resilience Act,
05:36et cetera, the Cyber Security Act,
05:38are based on the legal basis
05:42for harmonizing legislation across the EU,
05:45having common standards.
05:46It's an internal market piece of legislation.
05:49However, it has been prompted
05:52by the wish of governments
05:53to have the so-called security union.
05:57Back in 2016,
05:59there was for the first time
06:00a call of EU leaders
06:02to create a security union.
06:04Security normally, under the treaties,
06:07is something that is
06:08in the powers of every government.
06:11It does not fall
06:12in the European competences power,
06:14as it is called, competences power.
06:16But that changed after the terrorist attacks
06:19of 2016, when Europe was hit,
06:21and we created this security union
06:23that took a little bit of time,
06:25but we are now fully
06:27in the security culture.
06:29Otherwise, we wouldn't have managed,
06:31let's admit it,
06:33because the tendency,
06:34when it comes to cybersecurity,
06:36of all professionals in that field,
06:37and those that hold the government force,
06:40for 27 countries,
06:42is to keep security to themselves.
06:45It's public sovereignty,
06:46it's state sovereignty,
06:47it's public interest.
06:49And here,
06:51we had a change of culture of sharing.
06:53Through this legislation,
06:55we created cooperation groups
06:58across the governments.
06:59We created a network
07:01of all the CERTs,
07:03the emergency centers
07:04of all the governments,
07:06to work together,
07:07to alert each other.
07:08We created solidarity mechanisms.
07:10So, this is really going well above
07:14and beyond the security culture,
07:16which is very introvert.
07:18We made it part of what we know
07:19how to do best in the EU,
07:21to work together,
07:22part of our collaboration.
07:24So, I think we are at another level.
07:26The security culture is there.
07:28In fact, more than ever,
07:30when we're talking today
07:31about the defense union in Europe,
07:34and cybersecurity is very closely linked,
07:36as you know, to defense,
07:37and today we even talk about cyber defense.
07:40Cyber security now found itself,
07:41not only we have a new security strategy
07:43in the EU,
07:44which is called Protect EU,
07:45but we also have a defense union strategy,
07:48and cyber defense is also in there.
07:50So, it is inextricably linked
07:52to our security and defense mechanisms.
07:54So, I think it's a given
07:56that we have a security culture,
07:58and it's not because of the legislation.
08:00I think the legislation is because
08:02there was a demand,
08:03because of the geopolitical situation,
08:05from all governments,
08:07for the EU to come together
08:09and be secure together.
08:11But as all of these regulations
08:13and legislations are coming into force now,
08:16how are you seeing,
08:17or are you seeing the sort of uptick,
08:19the better practices coming into place now
08:21within this sort of security culture
08:23within Europe now?
08:24So, first of all,
08:26we truly believe,
08:27and we know it,
08:28because we carry out exercises
08:30and stress tests,
08:32that a lot of attacks
08:33that have taken place
08:34in other parts of the world
08:35on critical infrastructure
08:37have spared Europe
08:39because of the built-in resilience
08:41and preparedness
08:42we have in our critical infrastructure systems,
08:44especially thanks to NIS 1,
08:47which covered all the traditional sectors
08:49of critical infrastructure
08:52and operators,
08:53energy, transport,
08:54health, financial sector, etc.
08:56With NIS 2,
08:57we have gone even further.
08:58We're covering public administration,
09:00all the manufacturing sectors,
09:01or space, etc.
09:03So, I think that
09:05because all these sectors
09:06are now being prepared,
09:07we see less of an impact.
09:10And as I said,
09:11we had the stress test,
09:12for instance,
09:12where the colonial pipeline incident
09:14took place in the United States,
09:17we saw that the immediate reaction
09:19of the administration
09:19was to adopt rules
09:21very similar to the NIS
09:22because the impact
09:24of the colonial pipeline
09:25in Europe was limited
09:27thanks to the fact
09:28that we were prepared.
09:29So, I think we have evidence
09:31that it works.
09:32It already started back
09:34in the non-PETIA days
09:35when networks
09:36of the emergency response teams
09:38started talking to each other
09:40and they prevented it from spreading.
09:42So, we see how the collaboration
09:43can also have an impact
09:45on avoiding the domino effect
09:47because the issue
09:48with the 27 governments
09:49is that we are connected.
09:51Let me give you
09:51one very small example.
09:53When we created
09:54the COVID certificate,
09:55we had one common database.
09:57you can imagine
09:58the personal data
09:59that were included.
10:00If one member state
10:01was the weak link,
10:03if one part,
10:04you know,
10:04of this chain of 27
10:05was the weak link,
10:07then you enter everybody.
10:08So, there is an interest
10:09to work together now
10:10because of the interconnected system
10:12in the area of health,
10:14in the area of finance.
10:15So, I think that in the end,
10:18we see the evidence.
10:20Now, that does not prevent
10:21that our industry
10:23suffers the same threats
10:25and the same attacks
10:27as everybody else in the world.
10:30And we know that cyber crime
10:32is on the rise, for instance,
10:33also in Europe.
10:35But this will be more
10:36about the implementation
10:37of the laws,
10:38which is the focus
10:39of the next five years for us.
10:41And we will definitely
10:42come to those in a bit.
10:43But I want to follow up
10:43with Pascal.
10:45On the regulation side,
10:47I mean, do you think regulation
10:48is evolving alongside tech?
10:50I mean, whether you take the EU
10:51or you look at the US,
10:54how does regulation
10:55really impact your business?
10:57Can you give us
10:58a little snapshot?
10:59Yes, of course.
11:00So, maybe just let's start,
11:04for example, with Nice 2.
11:06You spoke about Nice 1
11:07was already effect,
11:09but we come now to Nice 2.
11:11And Nice 2 is pushing,
11:14for example,
11:14more accountability
11:15to managers, I think.
11:17And so, it has a real impact
11:20inside the companies.
11:22Because at the beginning,
11:23it was cyber teams
11:25requesting more budget,
11:28more tools,
11:29more frameworks.
11:30And now it comes from the top,
11:33I think, from the board.
11:34And I think Jamal will explain
11:36that from his PwC experience.
11:40That's the first point.
11:41The second point is maybe
11:43that we have concrete example.
11:49For example, Splunk,
11:50US company,
11:52I sell products
11:54as either on-prem,
11:57in their own data centers,
11:59either on SaaS solutions.
12:01But my SaaS solutions,
12:02they are on AWS,
12:04Google,
12:06Azure.
12:06what's about
12:08the sovereign cloud?
12:09So,
12:10in France,
12:11we have now
12:11the Seqnum cloud
12:12requirement
12:13that part of
12:15the public sector
12:17is asking now
12:18I need the Seqnum cloud,
12:19which is
12:19the local
12:20implementation,
12:22I think,
12:22of the sovereign act,
12:24sovereign cloud,
12:24I think.
12:26And so,
12:27how,
12:27as a US company,
12:29I can still
12:30provide to my customer
12:32requesting
12:33Seqnum cloud?
12:34So,
12:35it's quite easy.
12:36I use the
12:36on-prem solutions
12:38and I put that
12:39and certify that
12:40inside the Seqnum cloud
12:41providers.
12:42Today,
12:43there are only few
12:44YAS
12:47Seqnum cloud
12:47certified in France,
12:49but you will see
12:50that more and more
12:50companies will come
12:51on that topic
12:53in France.
12:55That's an example.
12:56Another example
12:57maybe is
12:57retention of data.
13:00I see
13:01on my customer
13:02that retention of data
13:03is getting longer
13:04and longer
13:05and at the beginning
13:07it's just putting
13:08that in archive
13:09so that I can say
13:10to the editors,
13:11I got the data,
13:13don't ask me
13:14anything else.
13:15But now,
13:16it's really
13:16having live data
13:18because
13:19the editors
13:20will be requesting
13:21to access the data
13:23and to bring
13:23some reports
13:24about that.
13:25So,
13:25that's
13:26concrete examples
13:27in France
13:28about that
13:29regulation's impact.
13:31And then,
13:31Jamal,
13:32I mean,
13:32your perspective
13:32as well.
13:33how is your business,
13:34how is PwC
13:35working alongside
13:37the regulations
13:38and legislations?
13:40So,
13:41something I didn't mention
13:42in my initial presentation
13:43is that I'm
13:44following up
13:45these regulations
13:46for 10 years now,
13:48for decades.
13:48So,
13:49I've seen
13:50clear trends
13:52in how
13:52the regulatory space
13:54in terms of cyber
13:55but more broadly
13:56technology risk
13:58is evolving
13:59on the market.
14:01so here,
14:04I think
14:04there are
14:05concerns
14:05that exist
14:08I mean,
14:09at least
14:09in the discussion
14:10we are having
14:11with our clients
14:12on whether
14:13the regulatory
14:15approach
14:15is slowing
14:17down
14:17the innovation.
14:18So,
14:19that's the key
14:20question
14:21we are having.
14:23The answer
14:24I would like
14:24to bring
14:25to that
14:25that
14:26the way I see it
14:27is that regulation
14:28is enabling
14:29us
14:30to innovate
14:31and really develop
14:33technologies.
14:34You mentioned
14:35a couple of
14:35statistics
14:36about how
14:37cyber crime
14:38is rising
14:39about
14:39how much
14:41cyber attacks
14:41are rising
14:42as well
14:43and I think
14:44regulations
14:44are here
14:45to bring
14:46kind of frame
14:47to law
14:47organizations
14:48to secure
14:49their assets
14:50but also citizens
14:51actually.
14:52so I don't
14:54feel like
14:55keeping asking
14:56the question
14:57on whether
14:57regulation
14:58is slowing
14:59down
14:59innovation
15:00is the right
15:02way to ask
15:03the question
15:04but still
15:05I think
15:06there is
15:07a clear
15:09I mean
15:10there is
15:11agility
15:12I feel like
15:13the regulatory
15:14requirements
15:16we've been seeing
15:16on the market
15:17have brought
15:18agility
15:19so if you look
15:21at DORA
15:21DORA
15:22DORA's
15:23objective
15:23is really
15:24to bring
15:25or to shift
15:26from
15:27the standard
15:29cyber security
15:30paradigm
15:30to an operational
15:33or digital
15:33operational
15:34resilient paradigm
15:35which is
15:35completely different
15:36it's different
15:38in a way
15:39that it's
15:40making cyber
15:41experts
15:42going out
15:43from their
15:43comfort zone
15:45which is
15:46sometimes
15:47which tends
15:48to be
15:48on the
15:49technology
15:49side of things
15:51to go
15:52broader
15:52and address
15:53all the
15:53topics
15:54business
15:54continuity
15:55third party
15:56risk management
15:57and bring
15:58this conversation
15:59to the top
16:00so that's
16:01one example
16:02another example
16:03is probably
16:05around the
16:05cyber
16:07resilience act
16:08so in 2010
16:10there were
16:11approximately
16:111 billion
16:12connected
16:13devices
16:13we are
16:15now talking
16:15about 50
16:16billion
16:16this year
16:18and it's
16:19the projection
16:20is to have
16:20100 billion
16:22by 2030
16:23so
16:24if we don't
16:25do something
16:26if we don't
16:26bring a frame
16:28to organizations
16:28and probably
16:30bring
16:31strengthen
16:31the
16:32cyber security
16:33approach
16:34of
16:35products
16:36then
16:36I think
16:37we will
16:37have
16:37some
16:38big
16:39issues
16:39so
16:40that's
16:41a clear
16:41example
16:42and it
16:43entered
16:44it
16:46clearly
16:47entered
16:47into force
16:48in
16:482024
16:49and last
16:50example
16:51but not
16:51least
16:51we talk
16:52a lot
16:53about
16:53AI
16:53on
16:54VivaTech
16:55so AI
16:56is not
16:56new
16:56we are
16:58talking
16:58about
16:58AI
16:59since
16:591950
17:01but
17:02the
17:02craze
17:03we've
17:03been
17:03seeing
17:04around
17:04AI
17:05on
17:06the
17:06past
17:06three
17:07years
17:07is
17:08clearly
17:08a game
17:09changer
17:09so
17:10having
17:10again
17:11a new
17:11regulation
17:12that
17:12comes
17:12to
17:13bring
17:13some
17:14kind
17:14of
17:14structure
17:14and
17:15we
17:15see
17:15that
17:16organization
17:16need
17:17structure
17:17when
17:18you
17:18look
17:18at
17:18AI
17:19there
17:20is
17:20a lot
17:20of
17:21initiatives
17:22I have
17:23some
17:23of my
17:23clients
17:24who
17:24have
17:25already
17:25developed
17:263000
17:27or
17:27between
17:283000
17:28or 5000
17:29proof of
17:30concept
17:30around
17:31the
17:31AI
17:31but
17:32there
17:32is
17:32a
17:32clear
17:33problem
17:33to
17:33put
17:34this
17:34at
17:34scale
17:34and
17:35the
17:35reason
17:35for
17:35that
17:36is
17:36trust
17:36so
17:37again
17:37a new
17:38example
17:38that
17:39demonstrates
17:39that
17:40somehow
17:40regulation
17:41keeps
17:42the
17:42pace
17:43the
17:44other
17:45panelists
17:45are
17:46saying
17:47that
17:47all
17:48of
17:48the
17:48regulation
17:48is
17:49a
17:49good
17:49thing
17:49that
17:50it
17:50promotes
17:50and
17:51helps
17:52innovation
17:53but
17:54let me
17:56just
17:56ask
17:56you
17:56a
17:56follow
17:57up
17:57question
17:57if
17:57we
17:58look
17:58at
17:58the
17:58nearest
17:59competitive
17:59market
18:00so
18:01the
18:01US
18:01and
18:01China
18:02how
18:03is
18:03the
18:03regulation
18:04that
18:05the
18:05commission
18:06is
18:06putting
18:06in
18:06place
18:07for
18:07the
18:07European
18:08market
18:09for
18:09the
18:09EU
18:09how
18:10is
18:10it
18:10helping
18:10you
18:10innovate
18:11and
18:11keep
18:11pace
18:12with
18:12the
18:13US
18:13and
18:13China
18:14well
18:15we
18:17we
18:17we
18:17we
18:17innovate
18:18also
18:18through
18:18regulation
18:19meaning
18:19that
18:19the
18:20regulations
18:20are
18:20not
18:20just
18:21the
18:21rules
18:21they're
18:21also
18:21the
18:22financing
18:22programs
18:23that
18:23the
18:23investment
18:23programs
18:24so
18:24we
18:25couple
18:25rules
18:26that
18:27are
18:27all
18:27about
18:28the
18:28fair
18:29game
18:29it's
18:30about
18:30the
18:30level
18:30playing
18:31field
18:31in
18:32Europe
18:32that's
18:33why
18:33legal
18:34basis
18:34I
18:34mentioned
18:35earlier
18:35is
18:35about
18:35the
18:36internal
18:36market
18:36maintaining
18:37the
18:37same
18:37standards
18:38for
18:38everyone
18:38for
18:39all
18:39the
18:39players
18:39and
18:40then
18:40we
18:41couple
18:41that
18:41with
18:41the
18:42relevant
18:42investments
18:43and
18:43we
18:44now
18:44in
18:44Europe
18:44even
18:45have
18:45we
18:45had
18:45for
18:45the
18:46last
18:46six
18:47years
18:47a
18:47digital
18:48program
18:48specifically
18:49so
18:49not
18:49just
18:50the
18:50typical
18:50research
18:50programs
18:51we
18:52have
18:52investment
18:53capabilities
18:53and
18:54through
18:55the
18:55defense
18:55union
18:55now
18:56even
18:56more
18:56for
18:57cybersecurity
18:57so
18:58I
18:58think
18:59you
18:59innovate
19:00by
19:00doing
19:01the
19:02legislation
19:02is
19:03about
19:03the
19:03level
19:04playing
19:04field
19:04but
19:04then
19:05you
19:05need
19:05to
19:05couple
19:05it
19:06with
19:06encouraging
19:07the
19:07market
19:09the
19:10key
19:10will
19:10be
19:10where
19:11do
19:11we
19:11invest
19:12in
19:12Europe
19:12we
19:12need
19:13to
19:13invest
19:13where
19:14the
19:14capabilities
19:15in
19:15other
19:15parts
19:15of
19:16the
19:16world
19:16are
19:16less
19:17where
19:17we
19:18are
19:18stronger
19:18and
19:18I
19:18think
19:19that's
19:19where
19:19we're
19:19trying
19:19to
19:20direct
19:20our
19:20industry
19:21and
19:22if
19:22you
19:22look
19:22at
19:22constantly
19:23you
19:23spoke
19:24about
19:24AI
19:25we
19:26keep
19:26launching
19:28calls
19:28for
19:29financing
19:30programs
19:30for
19:30the use
19:31of
19:31AI
19:31for
19:32cybersecurity
19:32for
19:33the
19:33implementation
19:33of
19:34NIS
19:35for
19:35the
19:35implementation
19:36eventually
19:37of
19:37the
19:37Cyber
19:38Resilience
19:38Act
19:38so
19:39also
19:39the
19:39use
19:40of
19:40these
19:40technologies
19:41in
19:41favor
19:41of
19:42cybersecurity
19:42and
19:43to
19:43substitute
19:44also
19:44the
19:45problem
19:45of
19:46the
19:46skills
19:46shortage
19:46we
19:47have
19:47because
19:48we
19:49need
19:49these
19:49technologies
19:50to do
19:51what
19:51the
19:52people
19:52we
19:52don't
19:52have
19:53would
19:53do
19:53so
19:54I
19:54think
19:55there
19:55is
19:55a lot
19:55about
19:55that
19:56now
19:56because
19:56innovation
19:57needs
19:58workforce
19:58and
19:59in
19:59the
19:59area
19:59of
20:00cybersecurity
20:00and
20:01AI
20:01we
20:01do
20:02not
20:02have
20:02sufficient
20:02workforce
20:04well
20:05we
20:05talked
20:05a lot
20:05about
20:05regulation
20:06let's
20:06come
20:06to
20:07the
20:07risk
20:07now
20:07just
20:07to
20:08pick up
20:08on
20:08your
20:08point
20:08you
20:08were
20:09talking
20:09about
20:09the
20:09workforce
20:10the
20:11human
20:11element
20:12is
20:12also
20:12a
20:13big
20:13feature
20:13you
20:14could
20:14say
20:14in
20:15risk
20:15if
20:15people
20:16aren't
20:16managed
20:16or
20:16trained
20:17properly
20:17so
20:18perhaps
20:18I'll
20:19come
20:19to
20:19you
20:19how
20:20do
20:21you
20:21manage
20:21and
20:21train
20:21your
20:22workforces
20:22so
20:23that
20:23they
20:23can
20:23also
20:24understand
20:24and
20:24manage
20:25the
20:25risk
20:27so
20:27managing
20:28the
20:28risk
20:28is
20:29really
20:29also
20:31a
20:32human
20:32challenge
20:33as you
20:34said
20:35I will
20:36take
20:36an
20:36example
20:37at
20:38VivaTech
20:39as Jamal
20:39said
20:39everyone
20:40is speaking
20:40about
20:41AI
20:41AI
20:42implementations
20:43AI
20:43will be
20:44the future
20:44AI
20:45will be
20:47the solution
20:48for everything
20:49okay
20:49but if
20:50you speak
20:51about AI
20:51inside
20:52cyber
20:53security
20:53yes
20:54we are
20:55pushing
20:55the
20:56providers
20:57the
20:57software
20:58vendors
20:58they all
20:59provided
21:00some
21:00AI
21:01models
21:01specialized
21:02on
21:03cyber
21:03security
21:04for example
21:04Cisco
21:05delivered
21:05one
21:06just
21:06a few
21:07months
21:07ago
21:08about
21:09we
21:10took
21:10the
21:10public
21:12cyber
21:13data
21:13and
21:14we
21:14trained
21:15a
21:15model
21:16especially
21:17on that
21:18and we
21:18provide
21:18that
21:19to the
21:19community
21:19so
21:20everyone
21:21may use
21:22that
21:22inside
21:23their
21:23operations
21:24cyber
21:25security
21:25that's
21:26an
21:27example
21:27but
21:29the
21:29human
21:30aspect
21:30is
21:31still
21:31very
21:32important
21:32we
21:32need
21:33to
21:33keep
21:33the
21:34human
21:34inside
21:35the
21:35loop
21:35I
21:35will
21:35bring
21:36a
21:37very
21:37precise
21:38example
21:38for
21:39example
21:39few years
21:40ago
21:40Splunk
21:41we
21:41delivered
21:41a
21:42module
21:42called
21:42behavior
21:43analytics
21:44so
21:45it
21:45was
21:45really
21:45you
21:47push
21:47specific
21:48information
21:49into
21:49the
21:49system
21:49and
21:50you
21:50do
21:50any
21:51configuration
21:52at all
21:52and at
21:53the end
21:53it brings
21:54you
21:54to the
21:55security
21:55team
21:56all the
21:56suspected
21:57accounts
21:57but
21:58most
21:59of
21:59our
22:00mature
22:00accounts
22:01they
22:02refuse
22:02to
22:02use
22:02that
22:03because
22:03at
22:03the
22:03end
22:03the
22:04teams
22:05said
22:05okay
22:05I
22:06get
22:06some
22:06results
22:06but
22:07I
22:07don't
22:07know
22:08this
22:08is
22:08a
22:08black
22:08box
22:09for
22:09me
22:09and
22:09I
22:10don't
22:10know
22:10how
22:10it
22:11was
22:11thinking
22:11and
22:12how
22:12it
22:13delivered
22:13that
22:14results
22:14so
22:15we
22:15really
22:16need
22:16to
22:17push
22:17AI
22:18into
22:19framework
22:20cyber
22:21security
22:21framework
22:22and so
22:22on
22:22but
22:23we
22:23need
22:23to
22:23keep
22:23the
22:24human
22:24in
22:24loop
22:24and
22:25we
22:25need
22:25to
22:25keep
22:25experts
22:26driving
22:27that
22:28execution
22:30and
22:30so
22:30Jamal
22:31a
22:31similar
22:31question
22:32to
22:32you
22:32within
22:33PwC
22:33how
22:34are
22:34you
22:34managing
22:34the
22:35risk
22:37so
22:37I
22:38think
22:39managing
22:40this
22:40risk
22:40and
22:41going
22:41to
22:41let's
22:42say
22:42the
22:43cyber
22:44resilience
22:44paradigm
22:45which
22:45is
22:46quite
22:47different
22:47from
22:48being
22:49cyber
22:49protector
22:50from
22:50my
22:50perspective
22:52I
22:53think
22:53we've
22:53been
22:53talking
22:53about
22:54cyber
22:54for
22:54many
22:55years
22:55about
22:57technology
22:57discipline
22:58where
22:59actually
22:59it's
22:59a
22:59risk
23:00management
23:00discipline
23:01so
23:02when
23:02that
23:03is
23:03said
23:04I
23:05think
23:05the
23:05foundation
23:06of
23:06that
23:07is
23:07probably
23:07to
23:07understand
23:08which
23:09kind
23:09of
23:09threat
23:10we
23:10are
23:10exposed
23:10to
23:11so
23:11there
23:11is
23:12a
23:12clear
23:13call
23:13out
23:13I
23:14think
23:14now
23:15executive
23:16committees
23:16and boards
23:17are
23:17clearly
23:18aware
23:19of
23:19the
23:19cyber
23:20risk
23:20but
23:21there
23:21is
23:21a
23:21clear
23:22need
23:22to
23:22be
23:22continuously
23:23trained
23:24and
23:25also
23:26to
23:27monitor
23:28the
23:29cyber
23:29threat
23:30so
23:30that
23:30you
23:31can
23:31anticipate
23:33the
23:34future
23:34cyber
23:35attack
23:35because
23:36there
23:36is
23:37one
23:38key
23:38thing
23:38is that
23:39you
23:39cannot
23:39protect
23:40against
23:40everything
23:41so
23:42one
23:42day
23:42you'll
23:42have
23:42to
23:42react
23:43and
23:43then
23:44you
23:44have
23:44to
23:44have
23:45this
23:45reaction
23:45posture
23:46so
23:47back
23:47to
23:48your
23:48point
23:48Pascal
23:49on
23:49the
23:49human
23:49thing
23:50I
23:50think
23:50there
23:51is
23:51a
23:51clear
23:52need
23:52to
23:52bring
23:53deeply
23:54within
23:54organizations
23:55at
23:56all
23:56levels
23:56a
23:57strong
23:57cyber
23:58security
23:58culture
23:58so
23:59that
23:59people
23:59can
24:00react
24:00in
24:01case
24:01of
24:01cyber
24:02attacks
24:02because
24:03it's
24:03not
24:03a
24:03matter
24:04of
24:04being
24:04fully
24:05protected
24:05or
24:06being
24:06able
24:06to
24:06detect
24:06everything
24:07because
24:08I've
24:08not
24:08seen
24:08so
24:09far
24:09any
24:10organization
24:11and
24:12any
24:12industry
24:13being
24:13able
24:13to
24:14detect
24:14everything
24:16so
24:16even
24:17in
24:17sensitive
24:18sectors
24:18but
24:19I've
24:20seen
24:20different
24:20ways
24:21of
24:21being
24:21able
24:22to
24:22react
24:22to
24:22it
24:23so
24:23I
24:23think
24:23this
24:23is
24:23really
24:24the
24:24foundational
24:26principle
24:27to have
24:27in mind
24:28when it
24:28comes to
24:29being
24:29cyber
24:30resilient
24:30where
24:31for you
24:32perhaps
24:32are the
24:32operational
24:33vulnerabilities
24:33within
24:34companies
24:34perhaps
24:35not
24:35just
24:35PwC
24:36but
24:36generally
24:36in
24:37companies
24:38so
24:38vulnerabilities
24:39are
24:40more or
24:40less
24:41everywhere
24:42so
24:43there
24:44are
24:44vulnerabilities
24:45we
24:45know
24:46because
24:46they
24:46are
24:46regularly
24:48publicly
24:50they
24:51have
24:51regular
24:52solutions
24:52to
24:53resolve
24:54them
24:54but
24:55they
24:55are
24:55the
24:55ones
24:55that
24:56we
24:56don't
24:57know
24:58that
24:58an
24:59attacker
24:59can
24:59exploit
25:00and
25:01then
25:01there
25:01is
25:01the
25:02human
25:03somehow
25:04vulnerability
25:04we
25:05are
25:05all
25:05vulnerable
25:06here
25:09because
25:10and I
25:11think
25:11this
25:11is
25:11really
25:11the
25:14key
25:14thing
25:15that
25:15we
25:15need
25:15to
25:16improve
25:16in
25:17the
25:17next
25:17couple
25:18of
25:18years
25:19because
25:20technology
25:20is
25:20going
25:21very
25:21fast
25:21we
25:21talked
25:22about
25:23AI
25:23AI
25:24is
25:25bringing
25:25scale
25:26to
25:26organization
25:27but
25:27also
25:28to
25:28the
25:28attackers
25:28they
25:29are
25:29using
25:29AI
25:30and
25:30probably
25:30better
25:30than
25:31organizations
25:31right
25:32now
25:32and
25:33we
25:33clearly
25:33see
25:34that
25:34and
25:35they
25:35are
25:35investing
25:36a lot
25:36because
25:37there
25:37is
25:37a lot
25:38of
25:38money
25:38at
25:38stake
25:39you
25:39mentioned
25:39that
25:41earlier
25:42Despina
25:42so
25:43I
25:44think
25:44technology
25:45will
25:46not
25:46do
25:46everything
25:47it's
25:47not
25:47a
25:47technology
25:48thing
25:48but
25:48rather
25:49a
25:50human
25:50thing
25:50and
25:51there
25:51is
25:51clearly
25:51a
25:52mindset
25:52shift
25:53to
25:53have
25:53here
25:54okay
25:54so
25:55let's
25:55pick
25:55up
25:56on
25:56the
25:56shift
25:57and
25:57the
25:57human
25:57element
25:58in
25:59my
26:00introduction
26:00I
26:00was
26:00talking
26:01about
26:01the
26:01NATO
26:01Secretary
26:01General
26:02Mark
26:02Rutter
26:02he's
26:03obviously
26:03previously
26:04a
26:04politician
26:05in
26:06the
26:06Netherlands
26:06and his
26:07own
26:07home
26:07country
26:08the
26:09language
26:09that
26:09he
26:09used
26:10where
26:10he's
26:10talking
26:10about
26:11risk
26:11and
26:11security
26:13do
26:13you
26:13think
26:14there's
26:14an
26:14understanding
26:14at least
26:15at the
26:15national
26:16level
26:16within
26:17the
26:17EU
26:17and
26:18in
26:18the
26:18member
26:18states
26:19that
26:19there
26:20needs
26:20to be
26:20a
26:20different
26:21approach
26:21now
26:21towards
26:22what
26:22is
26:22security
26:23and
26:23do
26:24you
26:24see
26:24as
26:24if
26:25these
26:25leaders
26:26are
26:26now
26:26getting
26:27on
26:27board
26:27and
26:27understanding
26:28that
26:28the
26:28next
26:29line
26:29of
26:29defense
26:29needs
26:30to
26:30be
26:30or
26:30the
26:30main
26:30line
26:30of
26:30defense
26:31perhaps
26:31for
26:31the
26:31future
26:32given
26:32the
26:33technology
26:33we're
26:33seeing
26:33whether
26:34it's
26:34AI
26:34quantum
26:35that
26:35needs
26:35to be
26:36more
26:36towards
26:36cyber
26:36security
26:38absolutely
26:39I'll give
26:39you an
26:40example
26:40I remember
26:41that
26:42the
26:43Sunday
26:44after
26:44the
26:45war
26:46of
26:46aggression
26:46against
26:47Ukraine
26:47started
26:48there was
26:48an
26:49emergency
26:49meeting
26:50of
26:52home
26:53affairs
26:53ministers
26:53in
26:54Brussels
26:54to
26:55deal
26:55with
26:56the
26:56issue
26:56of
26:56the
26:56refugees
26:57that
26:57we
26:57expected
26:58coming
26:58in
26:58following
26:59the
26:59start
27:00of
27:00the
27:00war
27:00and
27:01while
27:03this
27:03was
27:03the
27:03topic
27:04for
27:04which
27:04they
27:05gathered
27:05the
27:06topic
27:06that
27:06was
27:07the
27:07most
27:07discussed
27:07was
27:08cyber
27:08security
27:08which
27:09is
27:09rare
27:09for
27:09home
27:09affairs
27:10ministers
27:10because
27:11cyber
27:12security
27:12in
27:12governments
27:13is
27:13usually
27:13reserved
27:14either
27:14to
27:15the
27:15specialty
27:17services
27:17like
27:18the
27:18digital
27:18ministry
27:19or
27:20in
27:20other
27:20technical
27:21offices
27:22so
27:22this
27:23was
27:23very
27:23telling
27:23that
27:24in
27:24the
27:24beginning
27:25of
27:25the
27:25war
27:25that
27:25actually
27:26started
27:26with
27:26a
27:26cyber
27:27attack
27:27that
27:28same
27:28morning
27:28there
27:29had
27:29been
27:30on
27:30Ukrainian
27:31systems
27:32people
27:33thought
27:33of
27:34cyber
27:34security
27:34so
27:34I
27:35think
27:35it
27:35is
27:35changing
27:36it
27:37is
27:37really
27:37changing
27:38because
27:38cyber
27:38security
27:39in any
27:39case
27:39will be
27:40the
27:40means
27:41for
27:41resilience
27:41for
27:41our
27:42systems
27:42there's
27:43no other
27:43way
27:43look at
27:44what's
27:44happening
27:45in the
27:45war
27:46right
27:46next
27:46to us
27:47to
27:48our
27:48borders
27:49what is
27:50the
27:50tool
27:50that
27:50is
27:50most
27:51used
27:51drones
27:51I
27:52mean
27:53this
27:54is
27:54all
27:54about
27:54cyber
27:55security
27:55and
27:56what
27:57is
27:57also
27:57very
27:58important
27:58is
27:58the
27:59hybrid
28:01nature
28:02of
28:02the
28:03threats
28:03today
28:03and
28:04of
28:04the
28:04attacks
28:05and
28:05the
28:06change
28:06of
28:06culture
28:06is
28:07also
28:07evident
28:07by
28:07something
28:07else
28:08we
28:08have
28:08started
28:08seeing
28:09attributions
28:10by
28:11countries
28:12which
28:13was
28:13something
28:13that
28:13we
28:13rarely
28:14ever
28:14did
28:15in
28:15the
28:15past
28:15so
28:17attributing
28:18events
28:18cyber
28:19events
28:19to
28:20specific
28:20actors
28:21which
28:22has
28:22also
28:22geopolitical
28:23dimension
28:23so
28:24that's
28:24also
28:25new
28:25and
28:25there
28:25also
28:26the
28:26collaboration
28:27of
28:27public
28:28and private
28:28partnership
28:29is
28:29very
28:29important
28:30because
28:30we
28:30see
28:30that
28:31there's
28:31often
28:31big
28:32operators
28:33and
28:33companies
28:34that
28:34identify
28:35these
28:36issues
28:38that identify
28:38that attacks
28:39come for
28:39specific
28:40actors
28:40and can
28:41report
28:41them
28:41and can
28:42allow
28:42governments
28:43to
28:44attribute
28:44appropriately
28:45so
28:46yes
28:47definitely
28:47we are
28:48in a
28:48culture
28:48of
28:49intelligence
28:50sharing
28:51and
28:52this
28:52we also
28:53enabled
28:53with the
28:54Cyber
28:54Solidarity
28:55Act
28:55you know
28:55that
28:55there will
28:56now be
28:56security
28:56operation
28:57centers
28:57that are
28:57cross-border
28:58across
28:58the EU
28:59financed
28:59by the EU
29:01that will
29:01be about
29:02collecting
29:02threat
29:02you said
29:03nobody can
29:03do it
29:04alone
29:04exactly
29:05and
29:06you can
29:06use
29:06all the
29:06AI
29:07that you
29:07want
29:07you will
29:08miss
29:09something
29:09so
29:09this
29:10is
29:10why
29:10we
29:10believe
29:10collaboration
29:11between
29:11countries
29:12and
29:13through
29:13these
29:13centers
29:14can
29:15be
29:15a
29:15game
29:15changer
29:16the
29:17same
29:17for
29:17vulnerabilities
29:18our
29:19European
29:19Cyber
29:20Security
29:20Agency
29:21launched
29:21in the
29:23middle
29:23of May
29:23a few
29:23weeks
29:24ago
29:24a new
29:25platform
29:26vulnerability
29:26database
29:27which was
29:27provided
29:28by the
29:28NIS
29:29legislation
29:29which is
29:30available
29:31to everyone
29:31and which
29:32we hope
29:32will also
29:33change
29:33so
29:34we
29:35actually
29:35act
29:36upon
29:36the
29:36security
29:36culture
29:37we
29:37don't
29:37just
29:37talk
29:37about
29:38it
29:38anymore
29:39so
29:39you're
29:40talking
29:40about
29:40collaboration
29:41and we've
29:43also
29:43spoken
29:44in length
29:44about
29:44the
29:45legislation
29:45there's
29:45one
29:46little
29:47fact
29:48I want
29:49to bring
29:50to you
29:50studies
29:50suggest
29:50that only
29:5129%
29:51of
29:52financial
29:52entities
29:52have a
29:53roadmap
29:53in place
29:54under
29:55DORA
29:55so what
29:56would you
29:56say to
29:57the
29:57companies
29:57that are
29:58yet
29:58to
29:59do
30:00what
30:00they
30:00need
30:00to
30:01do
30:03you
30:03know
30:03there's
30:04an
30:04American
30:04expression
30:05that
30:05says
30:05you
30:05snooze
30:06you
30:06lose
30:08you
30:09know
30:09we
30:10talk
30:10a lot
30:10a lot
30:11of
30:11events
30:12now
30:12are
30:13about
30:13critical
30:14infrastructure
30:14the
30:14NIS
30:15and I'm
30:15often
30:15being
30:16asked
30:16what are
30:16you
30:16going
30:16to
30:17do
30:17with
30:17so
30:17many
30:17countries
30:18that
30:18have
30:18not
30:18implemented
30:19NIS2
30:19and they
30:20are
30:20delayed
30:20and my
30:21answer
30:22is
30:22that
30:22NIS2
30:23is
30:23there
30:24for the
30:24operators
30:25to
30:25implement
30:25it
30:26is
30:26in
30:26their
30:26interest
30:27it
30:27is
30:27in
30:28your
30:28risk
30:28benefit
30:28analysis
30:29you
30:30can
30:30decide
30:31you
30:31will
30:31always
30:31pay
30:32the
30:32ransom
30:32and
30:33not
30:34create
30:34a
30:34more
30:34resilient
30:35system
30:35thank you
30:36for the
30:37t-shirt
30:37you had
30:37me at
30:38resilience
30:38by the
30:39way
30:40or
30:41you
30:41can
30:42implement
30:42a
30:43robust
30:43system
30:44and
30:44save
30:44yourself
30:45from
30:45becoming
30:46constantly
30:46vulnerable
30:47and
30:48what
30:48we
30:49are
30:49doing
30:49the
30:49oversight
30:50because
30:50yes
30:50there
30:51are
30:51sanctions
30:51and
30:51there
30:51are
30:52fines
30:52for
30:52not
30:52implementing
30:53reporting
30:54to
30:55governments
30:55when
30:55you
30:56suffer
30:56a
30:57cyber
30:58this
30:58is
30:58not
30:59about
30:59punishment
31:00this
31:01is
31:01about
31:01learning
31:02from
31:02this
31:02process
31:02and
31:03this
31:03is
31:04about
31:04creating
31:04the
31:04level
31:05playing
31:05field
31:05because
31:06again
31:06it
31:07is
31:07one
31:08becoming
31:08the
31:08weak link
31:09for
31:09everybody
31:09as
31:10the
31:10markets
31:11are
31:11interconnected
31:11so
31:13I
31:14think
31:14that
31:14we
31:15are
31:15getting
31:16there
31:17now
31:17and
31:18so
31:18Pascal
31:19how
31:19important
31:19is
31:20that
31:20contract
31:20of
31:21trust
31:21that
31:21companies
31:22need
31:22to
31:22have
31:22in
31:22place
31:23as
31:23well
31:25yes
31:26this
31:27contract
31:27is
31:28really
31:28between
31:28now
31:29the
31:30top
31:30management
31:30and
31:31the
31:31execution
31:31from
31:32the
31:32professionals
31:33IT
31:34experts
31:35and
31:35cyber
31:35security
31:36I
31:37think
31:37now
31:38it's
31:39really
31:39to
31:40make
31:40the
31:40bridge
31:42between
31:42the
31:42two
31:43to
31:43align
31:44and
31:44I
31:45think
31:45such
31:45consultancy
31:46teams
31:47like
31:47PwC
31:48can
31:48really
31:49execute
31:50that
31:51with
31:51customer
31:52the
31:53key
31:54point
31:54as
31:54you
31:54said
31:55also
31:55is
31:55regarding
31:56partnership
31:57because
31:58just
31:59before
31:59in
32:00the
32:00previous
32:00session
32:01he
32:02explained
32:03I
32:03partnered
32:04with
32:04Airbus
32:05Safran
32:06and so
32:07on
32:07in
32:08France
32:08we
32:09have
32:09intercept
32:10between
32:11different
32:12companies
32:12we have
32:13a
32:14common
32:14set
32:15regarding
32:15aircraft
32:17and
32:19Air
32:20France
32:20company
32:21and so
32:21on
32:21so
32:22we
32:23already
32:23have
32:24collaboration
32:25locally
32:26maybe
32:26the
32:27next
32:27step
32:27will
32:27be
32:27the
32:28cyber
32:29union
32:29as
32:30you
32:30say
32:32okay
32:32now
32:32we've
32:33only
32:33got
32:33two
32:33and a
32:33half
32:33minutes
32:34left
32:34so
32:35I'm
32:35going
32:35to
32:35ask
32:35you
32:35guys
32:36perhaps
32:36for
32:37your
32:37last
32:37call
32:37to
32:37action
32:38Jamal
32:38I
32:38start
32:39with
32:39you
32:39call
32:40to
32:40action
32:40but
32:41there
32:41was
32:41one
32:42thing
32:42I
32:42really
32:42wanted
32:42to
32:42ask
32:42you
32:43about
32:43which
32:43was
32:43the
32:43future
32:43of
32:44data
32:44security
32:44and
32:45where
32:45do
32:45you
32:45think
32:45it
32:45will
32:45go
32:46and
32:46what
32:46companies
32:46will
32:46need
32:46to
32:47do
32:47so
32:47within
32:47your
32:48final
32:48answer
32:48if you
32:49can put
32:49all of
32:49that
32:49in
32:49that
32:50would
32:50be
32:50great
32:51fantastic
32:51so
32:51I
33:13to
33:15go
33:15for
33:16an
33:16AI
33:17at
33:17scale
33:17so
33:18for
33:18organization
33:19that
33:19want
33:20to
33:20go
33:20at
33:21scale
33:21with
33:21AI
33:21there
33:22is
33:22a
33:22clear
33:23need
33:23to
33:23invest
33:24in
33:24data
33:25security
33:25so
33:26as
33:26part
33:26of
33:27my
33:27call
33:28to
33:28action
33:29I
33:30think
33:30we've
33:30been
33:32observing
33:32a
33:33cyber
33:33security
33:34market
33:34which
33:35was
33:35under
33:36the
33:37clients
33:37have
33:38been
33:38under
33:38investing
33:38for
33:39a
33:39couple
33:39of
33:39years
33:39over
33:40the
33:40last
33:41decade
33:41cyber
33:42not
33:42being
33:42at
33:43the
33:43right
33:43place
33:43meaning
33:44not
33:44embedded
33:45into
33:46all
33:47business
33:47initiatives
33:48of
33:48an
33:48organization
33:49I
33:49think
33:50now
33:50with
33:50AI
33:50there
33:51is
33:51an
33:51opportunity
33:51to
33:52fix
33:52that
33:53so
33:53the
33:54strong
33:55recommendation
33:55I
33:55have
33:56is
33:56really
33:56to
33:56get
33:57in
33:58that
33:59journey
34:00quickly
34:02and
34:03bring
34:04all
34:04perspective
34:05that
34:06the
34:06regulation
34:07actually
34:07is
34:08also
34:08bringing
34:08when
34:09we
34:09talk
34:10about
34:10responsible
34:11AI
34:11frameworks
34:12the
34:12AI
34:13act
34:13is
34:13bringing
34:14a
34:14lot
34:14of
34:14that
34:14so
34:15regulation
34:16is
34:17clearly
34:17a
34:18catalyst
34:19of
34:19that
34:19rather
34:21than
34:22a
34:23show
34:24stopper
34:24and
34:25yeah
34:26there are
34:26a couple
34:26of
34:28call out
34:28that we
34:29can do
34:29obviously
34:30invest in
34:31people
34:31training
34:32invest in
34:33the mindset
34:34shift
34:34bringing
34:35awareness
34:35in the
34:36organization
34:36at all
34:37levels
34:38especially
34:38at the
34:39board
34:39level
34:39but
34:39also
34:40within
34:41the
34:42business
34:42stakeholders
34:42and
34:43I won't
34:44speak
34:44about
34:44technical
34:45things
34:45here
34:45because
34:46they
34:46are
34:47really
34:47obvious
34:48but
34:49all
34:49of
34:49the
34:49things
34:49really
34:50need
34:50to
34:50be
34:50tied
34:50up
34:51and
34:51I
34:51think
34:52that
34:53will
34:53be
34:54my
34:54last
34:54word
34:54thank
34:55you
34:55I
34:58have
34:58a few
34:58things
34:59to say
34:59first
34:59of all
35:00I
35:00want
35:01to
35:01share
35:01with
35:01all
35:02of
35:02you
35:02that
35:02as
35:02we
35:03speak
35:03we
35:03have
35:04an
35:04ongoing
35:04public
35:05consultation
35:05on
35:06the
35:06cybersecurity
35:06act
35:07revision
35:07the
35:08previous
35:08speaker
35:08was
35:09talking
35:09about
35:09supply
35:09chain
35:10issues
35:10and
35:11the
35:11risks
35:11that
35:12come
35:12from
35:13certain
35:13technologies
35:14but also
35:15from
35:15certain
35:16geopolitical
35:17considerations
35:17this is
35:17part of
35:18this
35:18public
35:18consultation
35:19which
35:20is
35:20also
35:20about
35:20the
35:21certification
35:22regulation
35:23in the
35:23EU
35:23so
35:24it
35:24is
35:24of
35:24interest
35:24to
35:25many
35:25many
35:25stakeholders
35:26so
35:27an
35:27opportunity
35:27for
35:28you
35:28to
35:28tell
35:28us
35:28what
35:28you
35:28think
35:29it's
35:29ongoing
35:29until
35:29the
35:3020th
35:30of
35:30June
35:30so
35:30that's
35:31the
35:31first
35:31thing
35:31second
35:32thing
35:32only
35:33last
35:34Friday
35:34we
35:34adopted
35:35at the
35:35level
35:35of
35:35the
35:36EU
35:36playbook
35:37the
35:38blueprint
35:38on
35:39large
35:39scale
35:40incidents
35:40which
35:40is
35:40about
35:41again
35:41how
35:42we
35:42work
35:42together
35:42who
35:43does
35:43what
35:43in
35:43case
35:44of
35:44a
35:44large
35:44scale
35:45incident
35:45and
35:45again
35:45that
35:46shows
35:46the
35:46importance
35:47of
35:47public
35:48and
35:48private
35:49partnership
35:49so
35:50just
35:50a few
35:50things
35:51from
35:51us
35:51now
35:52when
35:53we
35:53look
35:53at
35:53the
35:54foresight
35:54report
35:54of
35:55the
35:55European
35:55Cybersecurity
35:56Agency
35:56and
35:56NISA
35:57for
35:572030
35:57there
36:01AI
36:02driven
36:03attacks
36:04will
36:04be a
36:05real
36:05threat
36:05and
36:06will
36:06become
36:06a
36:06major
36:07threat
36:07the
36:07abusive
36:07use
36:08of
36:08AI
36:08but
36:09there's
36:09also
36:10one
36:10major
36:10issue
36:11and
36:11that's
36:12the
36:12number
36:12two
36:12threat
36:13foreseen
36:13for
36:132030
36:14and
36:14that's
36:15skills
36:15so
36:16I
36:16take
36:16the
36:16opportunity
36:16of
36:17being
36:17here
36:17to
36:18say
36:18invest
36:19the
36:19most
36:20you
36:20can
36:20on
36:21people
36:21or
36:22on
36:23tools
36:23such
36:24as
36:24the
36:24ones
36:25we
36:25finance
36:25in
36:25the
36:25EU
36:27for
36:27creating
36:28for
36:29addressing
36:29this
36:29security
36:30gap
36:30that
36:31we
36:31have
36:31with
36:32the
36:32skills
36:32shortage
36:32very
36:33important
36:33that
36:34is
36:34important
36:34Pascal
36:35maybe
36:36two
36:37very
36:37concrete
36:38call
36:39to
36:40action
36:40first
36:41as
36:42Despina
36:43said
36:43all
36:44these
36:44regulations
36:45provide
36:46very
36:47concrete
36:48guidelines
36:49and
36:49frameworks
36:49so
36:50please
36:51read it
36:52and you
36:53will be
36:53surprised
36:54how
36:54concrete
36:54it
36:55is
36:56much
36:57more
36:57than
36:57you
36:58may
36:58imagine
36:58and
37:00second
37:00step
37:00second
37:01call
37:01of
37:01call
37:02version
37:02we
37:02spoke
37:03about
37:03AI
37:04AI
37:04will
37:05be
37:05a
37:06secret
37:07source
37:07for
37:07next
37:08step
37:08on
37:08cyber
37:09security
37:09for
37:09sure
37:10but
37:10don't
37:11forget
37:11to
37:12secure
37:12your
37:13AI
37:13usage
37:14inside
37:14your
37:15companies
37:15I
37:15think
37:16now
37:16we
37:17have
37:17everyone
37:18here
37:18has
37:19shadow
37:19AI
37:19into
37:20his
37:20company
37:21we
37:21need
37:21to
37:21secure
37:22that
37:22also
37:22and
37:23I
37:23think
37:23it's
37:24part
37:24of
37:24the
37:24AI
37:24act
37:25for
37:26next
37:26steps
37:27okay
37:28thank
37:28you
37:28so
37:28much
37:28to
37:28Pascal
37:29Despina
37:29and
37:30Jamal
37:30audience
37:30please
37:30give
37:31them
37:31a
37:31big
37:31clap
37:32thank
37:32you
37:32so
37:32much
37:32thank
Commentaires

Recommandations

Cyber Resilience Building Secure Societies
Vivatech
il y a 2 jours
PBS - Nova Typhoid Mary The Most Dangerous Woman in America
Documentary World
il y a 13 heures
The 50 19th February 2026 EP 19
GOK GOK
il y a 13 heures
Black and Jewish America An Interwoven History - Season 1 Episode 1 Let My People Go
Documentary World
il y a 1 jour
Black and Jewish America An Interwoven History - Season 1 Episode 3 The 'Grand Alliance
Documentary World
il y a 1 jour
The 50 18th February 2026 EP 18
GOK GOK
il y a 2 jours
Showmatch de l'Ultimate Fighting Arena (UFA)
Vivatech
il y a 2 jours
Karmine Corp: Faire de la féminisation de l'e-sport une mission
Vivatech
il y a 2 jours
UFCEP : L’exception e-sportive française
Vivatech
il y a 2 jours
Déconnecter pour reconnecter : Quelles sont les clés d’un rapport sain au digital ?
Vivatech
il y a 2 jours
Entrepreneuriat : Instagram vs Réalité
Vivatech
il y a 2 jours
De la compétition à la cohésion : quand l’Esport anime nos communautés
Vivatech
il y a 2 jours
The Future is Fem[AI]le: Révéler Son Potentiel avec l'IA
Vivatech
il y a 2 jours
MVP - Ma Vie Pro : Travailler dans la tech en 2025
Vivatech
il y a 2 jours
From Barça to the Boardroom: Gerard Piqué’s Vision for the Game, With a Kings World Cup Clubs Final Preview
Vivatech
il y a 2 jours
DANC·R BATTLE Share E·motions
Vivatech
il y a 2 jours
No Timeout: Leadership in Motion
Vivatech
il y a 2 jours
Quantique mode d’emploi : Comprendre la prochaine révolution
Vivatech
il y a 2 jours
Explorez, écoutez, interagissez : 200 personnages historiques vous guident à Paris
Vivatech
il y a 2 jours
Elles ont entre 12 et 17 ans et elles pitchent leur application !
Vivatech
il y a 2 jours
Worldskills : la compétition des métiers à l’heure de l’IA
Vivatech
il y a 2 jours
Backing Breakthroughs: Inside Aramco Ventures’ Investment Strategy
Vivatech
il y a 2 jours
The Gamification of Delivery
Vivatech
il y a 2 jours
Quantum Computing: What Leaders Need To Know
Vivatech
il y a 2 jours
New Frontiers of Beauty Powered by Tech by L’Oréal Groupe
Vivatech
il y a 2 jours