Securing Tomorrow: Cybersecurity and Emerging Tech at the Executive Frontier by Siham Benhamidouche
Siham Benhamidouche
VP Cybersecurity and Data Risk
The Evolving Landscape of Cybersecurity in Emerging Technologies
In today's hyper-connected world, cybersecurity has emerged as a critical concern, particularly with the rapid integration of new technologies. This blog post explores the complexities of the current cybersecurity threat landscape and emphasizes the importance of a proactive approach to safeguarding organizations against evolving risks.
Understanding the Threat Landscape
The first step in addressing cybersecurity risks is comprehending the evolving threat landscape:
- Increased Connectivity: The pandemic has accelerated remote operations and dependencies on cloud technology, making organizations more vulnerable.
- Targeted Attacks: Cyber attackers are increasingly focusing on cloud services and operational technology, leading to damaging ransomware attacks.
- Supply Chain Vulnerabilities: With many parties involved in the digital ecosystem, the visibility of potential risks is limited, complicating rapid threat detection and responses.
The Role of AI in Cybersecurity
Artificial intelligence (AI) plays a dual role in today’s cybersecurity strategies:
- Enhancing Defense: AI can analyze massive volumes of data to identify patterns, helping organizations detect anomalies and potential threats.
- Emerging Threats: Unfortunately, cybercriminals are also harnessing AI to execute more sophisticated attacks, highlighting the need for ongoing vigilance.
Case Study: The Triton Attack
A notable example of the intersection between IT and operational technology (OT) is the Triton attack of 2017. This sophisticated cyber attack targeted a petrochemical company with the aim of disabling industrial safety systems rather than stealing data. This incident illustrates the severe implications of a compromised IT environment and highlights the importance of:
- Understanding interconnected systems.
- Prioritizing human safety and environmental risks.
- Taking responsibility for cybersecurity across various organizational levels.
Redefining Cybersecurity Responsibility
In the modern digital landscape, the responsibility for cybersecurity can often be blurred:
- Integrated Systems: IT and OT environments are now interconnected, making it essential for all departments—legal, purchasing, management—to adopt a cohesive approach.
- Accountability: Leaders must take ownership of cybersecurity threats and integrate them into core business strategies.
Adopting a Resilient Cybersecurity Framework
Achieving a robust cybersecurity posture involves recognizing that compliance is not enough. Organizations must:
- Create a culture of cybersecurity that permeates all operations.
- Conduct regular assessments to identify vulnerabilities.
- Engage executive leadership in risk management and decision-making processes.
Deep Fakes and New Challenges
The rise of deep fake technology presents new challenges for organizations. A recent incident involving a UK company demonstrated how convincing impersonation can lead to significant financial losses. This underlines the importance of:
- Employee education on identifying scams.
- Implementing strict verification processes.
Generative AI: Opportunities and Risks
Generative AI holds enormous potential but also brings significant risks:
- Uncontrolled use of AI can lead to misinformation and ethical dilemmas.
- Organizations must establish guidelines for responsible AI usage, ensuring that human oversight remains integral.
Building a Cyber-Resilient Organization
Ultimately, to remain competitive and sustainable, organizations must embed cybersecurity into their overall strategy. Key steps to achieve this include:
- Developing a comprehensive understanding of risk landscapes.
- Aligning business strategies with regulatory compliance.
- Embedding cybersecurity responsibilities across all organizational levels.
Conclusion
As we navigate the complexities of modern cybersecurity, it is vital for organizations to adopt a proactive and integrative approach. By understanding the evolving threat landscape and leveraging innovative technologies, businesses can become more resilient and secure. In a world where trust is essential, cybersecurity will serve as a key differentiator in the marketplace.
Video Transcription
Okay. Thank you. Thank you. Hello, everyone. As I said, I'm super glad to be here with you today and to talk about this very key topic, which is the cybersecurity, and even more critical when it comes to emerging technology. Now let's move to the agenda. So I will start, first of all, in fact, to talk about the threat landscape, because it's becoming more complex and wider, we need to start to understand, in fact, the landscape. Then I would like to go through the cyber attack use case, because it's quite important to understand also the new paths that are used by threat actors. I would like also to raise the fact that currently with the evolving world and digital environments, so worlds are moving organization. They need to adapt.
So, and that's the reason why, in fact, we need to go to this very key element of the organization. So, of course, cybersecurity, so a business enabler. So I would like to demonstrate that through this presentation. And we cannot, of course, talk about cybersecurity innovation technology without AI. AI it's of course a partner in efficiency. So it will bring and will, it's bringing and will continue to bring a lot of opportunities, but it's also new threat that we are not yet all discovered. So, and I would like also to end really with the critical risk that are merging and, the fact that, leaders need to, to tackle this seriously. So talking now about, in fact, the new trends that we have seen for the past years. So again, pandemics, they have led hyper connectivity. So we have seen that we started to engage remote administration, maintenance to critical infrastructure, which was not the case before. So we have seen also a move to cloud.
So that is driven, in fact, by the need to have data for operational efficiencies, for digitization efforts that are also needed for sustainability activity that are required by company to reach, in fact, their target. So threat actors are also adapting to all of these trends. So when we can see also that the clouds are more and more targeted, for instance. So, but unfortunately, we still see a lack of operational ownership throughout all of this. So you may need to post segmentation, and the fundamentals, the basics, some of, most of the time are not yet met. So, and this is also allowing, in fact, attackers, and we have seen an increase of ransomware attacks that are causing very damaging impact when it comes, for instance, to oil, electricity, water supply impact. So this is becoming quite serious. And this is the reason why we need to ensure that we are securing in fact, the full landscape.
So supply chain includes many, many players, and we are talking about parties. And today it's even becoming, let's say, absolute, because now we talk about parties that need to be part of the ecosystem and the, this assessment. So, but unfortunately, so sometimes this is also limiting the risk of visibility and making very difficult to detect and respond rapidly. So to any threat, and therefore it's really an increase of, of risk. We have seen again this increase of connectivity, digitalization, cloud, Internet of things. We can see how it's evolving. So this is not a world. We'll have more and more, in fact, devices connected to, to Internet. So, this is also a way to, wake up, in fact, call to also understand that any potential can be even through a party, through a supplier, so that can gain access to your network.
This is also important to have this in mind. So we are increasing, in fact, the blind spot. So especially on the OT environment, so operational technology environment. So before it was completely too separated environment, but it's not anymore the case for efficiency and increase of, of, operations that are required, in fact, to have more and more connected system that is creating also a huge complexity. So OT, unfortunately, they are often in fact, older and less secure. And, this is creating really a huge risk because they are now Internet facing or sometimes even connected to the to the cloud. And this is now exposing, in fact, the threat as the IT environment for the OT's, environment. Of course, we have AI that is also helping all over that with analyzing, in fact, massive volume of, of data to identify patterns and anomalies.
But this is also a way that threat actors are using AI, in fact, to have more sophisticated attack. So the main challenge here now is need to be addressed. So companies, they need to develop, in fact, a strategy to be able to monitor, in fact, for all the supply chain and building and maintaining, in fact, the resilience in face of the new risk that are constantly, in fact, evolving. So, saying that, I would like to show you
sorry.
The next I'm having an issue to go to the next slide. Sorry. Sorry. So saying that so I would like, in fact, to go through this, specific attack because, as we can see here, so now attacks are completely transversal. So more than that, attacks are exploiting connections. As we have seen before, So more and more connected, environment devices. So it's also an exploit. So today, in fact, workstation, IT environment are exploited to reach OT system. So here I wanted it, in fact, to share with you, in fact, this case that happened, in fact, the Triton attack that happened in 2017 on a petrochemical company that was targeted by a sophisticated attack. The goal, you know, it's not to steal the data.
It was really, in fact, to disable an industrial safety system that is designed to protect the facilities, the employees, and the environment. So the attack is known as Triton. It was stopped just in time and but this learning, it's revealed, I think, a very key element here. And that's why I wanted to talk about it. So we can see that a simple IT compromise can now threaten human lives. This is quite key, and this is quite extremely serious. We are not anymore talking about operations or at the company level. We are talking about also the threat on the people and the citizens. So this is the reason why, in fact, we can see also that governments now are also tackling more and more of this risk that is increasing on the critical infrastructure and the OT environment. So there is a key element that needs to be understood that OT attacks can completely shut down a factory.
A supply chain can also stop the customer service center. It can have a huge revenue loss. So So we are talking about, about millions that can cost per hour every hour of disruption. So, we can have also the legal liability. So, because if lives are at stake, so leadership may be held accountable. This is quite key. And so organization and company, they need, in fact, to understand that this is becoming really a a a key topic. So, now if we if we talk about the responsibilities as we have seen previously, So we need really to rethink about that. So cybersecurity, it's not just a matter of IT. So, the it's not only managed by the IT department. So the cloud becomes a convergence with all the points.
So we know we have industrial, we have commercials, we have the full convergence. So the customer that analyze are stored on the cloud platforms. So it creates a full interdependency between the previous in fact, a system that were siloed. So any bad configuration on the cloud or on the supplier can, again, expose the full ecosystem. And this is something that's really need to be understood well. So the responsibility are completely blurred as of today. So who will be blamed in case of a security on a connected sensor? Or if there is an issue on the cloud? Or if we have an issue on the AI algorithm? So, this is quite an element that really need to be clearly clarified.
So we also need to create a complete common language when it comes to to, to do a risk. So for the IT, the OT, the the management, sorry, the legal, the purchasing. So currently, in fact, what is not anymore isolated, as we have seen before, it's completely integrated with the, the IT. And this is also the reason why that now any attacks can have really huge consequences. So we complete we need to completely align, in fact, the value chain to include all aspects, including, in fact, the the suppliers and in order to have a complete, in fact, a resilient posture. Now if we move to, in fact, the business today as we have seen and as per the risk that we have also seen before.
So conformity is not anymore, enough as of today. So we definitely, need to be resilient on the fundamentals. Sorry. So the offensive now is, requirement, in fact, to be able to do, to do business. So executives, chief information security officers, so, the CEOs, the board of directors, they're needing to champion the cybersecurity, the integration of cybersecurity into the business operations. There is no way to do, to do, without today and to make also decision making, in fact, with this, with this, all those, processes. Moving now, in fact, to, the cybersecurity advantage, how it grows, in fact, and how it can be a driver. So this is, if in fact, some organization have not yet understood this point, this is very key because cybersecurity landscape evolves. Organization, they must rethink this perspective.
So, and recognize that cybersecurity is an added value. So, and it should be completely integrated to any innovation and, in order to have a competitive advantage. If we talk about the strong cyber security posture, I don't know if you have seen, but all organization now are integrating, in fact, cyber security really as a key element when they are assessing, in fact, the vendor. So it's part of the RFPs now. So, it creates a differentiator, and this this is something that we need to to be, clear about about this. So now moving to, the the the cybersecurity need to be integrated from end to end, so from the design part, but it's still not enough. We need to ensure that up to the operations, we have, in fact, this mindset of cybersecurity. So having this culture of making cyber secure everything that we do to become really a marker of trust because any partner, investor, and customer, they want to have in front of different company that can be trust.
So and, of course, if you have less description on your, on your, environment. So, of course, you are increasing the the the performance. So if, in fact, innovation is implemented properly, in fact, you are gaining in performance and, you know, in business. So and this is definitely a key element that need to be integrated when thinking and integrating any innovation element. Let me move to the next one. So I wanted, in fact, very quickly to share about this, this case because I think it demonstrated to the world that deep fakes are becoming more and more, let's say, deployed and, bringing even more risk for anyone. So currently, this case happened in, so it was, on a group club or company. So it's a UK company. So one of their employee get in fact, a scam. So he has been contacted by the the, CFO. So it was impersonated. So we threw a video call.
So he was able to recognize, in fact, the CFO, the coworker, and due to this video conference, he just, in fact, proceed with the transfer of a huge amount of money. So what we need to know here is there is a lot of learnings, of course, because any incident is also a good way to learn from it. So, definitely, we'll need also to educate more and more people and to have an a different approach of verification of a b being able, in fact, to identify a, a potential scam. Knowing that now some companies are selling so deep fake as a service, it will definitely continue to develop and make more damage. So Sorry for that. I'm trying to move to the next one. So generative AI, as we are talking about deep fake. So generative AI isn't going to to go away as explained. So we we will have in fact, this usage that is needed. So, the adoption rate has in fact, a very unprecedented, in fact, a volume.
If we compare with the internet, in fact, the large language model, like ChatGPT. So, it took two months to reach, in fact, seven years of adoption of Internet. So, it's unprecedented. So, currently, this is not just emerging technology. Of course, this is incredibly powerful tools, and they are already reshaping completely the technology landscape. Of course, we cannot expect to not embrace AI because it will be completely a loss of competitive advantage. So there is no choice for today and for tomorrow. But what is key is that it needs to be understood properly. So it means that when we are using, we need to use it safely. So we need to ensure that our teams are able, in fact, to understand behind the technology and how it can be abused. So here, there are some few examples that have been used on the AI. So disinformation, so also called hallucination that can bring, in fact, the wrong information.
Of course, we can have the diagnostic here on the medical, which can have huge consequences. So the facial recognition can be also put put at at a doubt. So, and of course, the AI is creating code and can exploit, in fact, new vulnerabilities. So, that's the reason why any organization needs, in fact, when they integrate AI into their system, to have otherwise a human intervention. So, we cannot let only the artificial intelligence take the, in fact, the full decision. We need to have a responsible AI, and of course, follow the different regulations to avoid to have any ethical issues. So, this is how, in fact, any organization can have a risk that is, mitigated when it comes to, to AI.
So, moving now to the strategy when it comes in fact to, to business success. As you have seen, so cyber strategy, it's completely should be completely embedded in the business, in fact, strategy. There is no choice, in fact, to do it differently. As of today, what is key for any organization is to have a very clear and good understanding of their risk landscape. So they they need to identify the major risk that they can have in their landscape. So this is the element, in fact, to be able to, to secure it. And, of course, aligning the strategy with the obligation, with, as we can see here, the the PCI compliance or the GDPR for for for Europe, for instance. This is a key element, in fact, not only to avoid fine, but in fact, to to build the the right, baseline.
So saying that so real leadership need to be completely involved in and accountable. So in this activity, as you can see here, I'm showing you an example of a risk register. Any risk need to match with the c level ownership. This is quite key to make, in fact, the cybersecurity embedded completely in the in the business activity. I would like now to conclude, in fact, with this last slide and just to remind what has been, said previously. So to become a sustainable company, any company that's going to remain competitive, to remain on the market needed to be cyber resilient. There is no choice. So and that's the reason why, in fact, again, cybersecurity need to be part of the cyber strategy, really embedded on this, on the on the strategy.
So and as we have seen also, this is now how we measure, in fact, the trust. And more and more, it will be the way to differentiate, let's say, competitors and other company. And, definitely, we need to move also the way we are doing cybersecurity. Previously, it was just defensive, reactive. So now, of course, we need to be more in a proactive approach. So under, more in a proactive posture in order to ensure that, you are well aware of your risk, and you put everything in place to, limit and mitigate any potential risk.
That's a wonderful conclusion, Siham. I can feel how passionate you are about the topic, and we'd really love to have you at our future events talk about cybersecurity and everything that is going on. And I really love the point when you shared that boundaries now break down and responsibilities must evolve. So that's how you beautifully summarized your talk. So we enjoyed greatly having you at the stage of Chief in Tech Summit. Thank you so much for the energy, for the knowledge, for the wisdom you brought today. And we're wishing you a great rest of the day. Thank you. Thank you. Bye. Bye.