The editorial staff of Le Monde Informatique continued its tour of France on Wednesday, November 14, 2018, stopping in Nantes at the CCI. This morning-debate, in partnership with the ADN Ouest club, was a resounding success with around a hundred attendees (participants from user companies). On the program: 5 debates on cybersecurity, multicloud, the Internet of Things, AI and machine learning as well as the GDPR, 6 technological and product presentations, and 1 cyberattack demonstration.
For this Nantes edition, a fine set of speakers has been proposed with feedback and points of view from Nathalie Vincent (Director of Infrastructure and Services of Nantes Métropole), Joris Berthaud (DPO Harmonie Mutuelle and member of the AFCDP ), Jean-Sylvain Chavanne (digital security delegate for the Pays de la Loire region of ANSSI), Régis Dubrulle (RSSI of Terrena), Patrice Renaudineau (RSSI of Nantes Métropole), Emmanuel Peyrat (SI manager of La Poste), Tristan Piron (CDO and Head of IT Innovation at La Poste) as well as Pierre Sylvestre (Head of Consulting and Innovation at e-local authorities Vendée).
IT Nantes welcomed for its first set dedicated to multicloud (from left to right): Joris Berthaud (DPO Harmonie Mutuelle and member of the AFCDP), Pierre Sylvestre (head of the consulting and innovation division of e-collectivities Vendée) , Emmanuel Peyrat (IS manager at La Poste) and Tristan Piron (CDO and head of IT innovation at La Poste). credit: NH
Determine the added value of multicloud in its management capacity
The IT Tour in Nantes broke its attendance record for 7 years with on November 14, 2018 a hundred participants. (credit: NH)
Working since 2016 on compliance with the GDPR, Harmonie Mutuelle crossed the milestone of May 25 not without some anxiety: “We experienced the changeover with great pressure due to our particular mutual environment where the question of protection personal data is central,” explained Joris Berthaud, DPO of the mutualist group. “We also had to reassure people internally and raise awareness a notch”. Since October, the group has launched a range of services to meet this challenge: e-learning module, online practical guide, quizzes, displays and kakemonos, etc.
“The GDPR we have been trying to prepare for it since the beginning of 2017, we have a CIL who will be named DPO, this has allowed us to prepare the ground”, indicated Régis Dubrulle, CISO of the Terrena agricultural cooperative which manages notably the poultry brand Père Dodu. “Since May 25, we have received a dozen requests from people to delete their personal data, which was extremely rare before, and all of them invoked the GDPR”. The implementation of a GDPR approach is often a team affair in the company, between the DSI and the legal department but also the RSSI as was the case within the metropolis of Nantes. “My role was to support the DPO on the impact analysis and being ISO 27001 certified since 2015 has helped us to reach a certain maturity on this subject,” said Patrice Renaudineau, CISO of Nantes. Metropolis. “We offer to support local authorities in the implementation of the GDPR with an outsourced DPO service and more than 200 have called on us. The main problem is that in this population there are still a lot of Excel files, lists of names, for example, of the names of children enrolled in school which are used by private schools for canvassing: there are still job to do”, explained his side responsible for the consulting and innovation center of e-collectivities Vendée.
The latest debate on cybersecurity with (from left to right): Jean-Sylvain Chavanne (digital security delegate for the Pays de la Loire region of ANSSI), Régis Dubrulle (RSSI of Terrena), Emmanuel Peyrat (manager SI of La Poste) and Patrice Renaudineau (RSSI of Nantes Métropole). credit: NH
Valves and streetlights connected in Nantes
“We are setting up an infrastructure to collect data from the connected objects of the smart city of tomorrow,” said Nathalie Vincent, director of Nantes Métropole infrastructure and services. By way of illustration, the director notably mentioned connected water valves with SIM cards to monitor overflows, or even connected street lamps to control their ignition and better monitor their electricity consumption. “We launched a POC based on Lora technology and evaluated Sigfox but preferred to start with the first because it was less linked to a proprietary network,” said Nathalie Vincent.
The IT Tour morning-debates in Nantes took place with the support of ADN Ouest and its president Jean-Pierre Moreau (also CIO of the Bouyher Group). On the left in the photo, Sylvain Redondie, managing director of Evals.fr, an online voting and questioning solution used in the IT Tour to boost interaction with the room. (credit: NH)
Of note among the intervention slots highly appreciated by Reims IT Tour participants is that of the cybersecurity training firm bluecyforce (rated 9.3/10). After presenting an overview of the types of attacks, issues and means used by hackers to steal (data, money, etc.) and attack (cryptoware, ransomware, etc.) companies, Vincent Riou, CEO of bluecyforce, notably launched in a cyberattack simulation demonstration. Several steps were put forward: domain name typosquatting, exploitation of an unpatched WordPress site vulnerability of the town hall website used for the demonstration and interception of the mayor’s credentials via a redirect on a controlled mirror phishing site by a hacker.
The intervention of the bluecyforce cybersecurity training organization once again fascinated the participants. (credit: NH)
In the context of artificial intelligence projects, the question of the implementation of chatbots for the purpose of automating support or document flows is a burning issue. With the question of the reallocation of human resources on other tasks with higher added value. “We were working on the chatbot to meet internal needs for collaboration, management of requests for information, but also for level 0 and 1 support,” said Emmanuel Peyrat. “The idea is to start getting into more complex topics and provide a seamless switch between automated chatbot processing and a human person for Level 2.” Among the other projects initiated in this area, an HR chatbot to assist with HR requests (holidays, retirement, etc.) and another to better process and give meaning to customer data in a big data context. “Automation and chatbots can be used to more effectively process requests for instruction, town planning, declaration of works, but we must ask ourselves the question of the retraining of agents and also be careful not to increase territorial inequalities because the information highways are still far from covering the entire rural sector,” explained Pierre Sylvestre.
The IT Tour in Nantes has not departed from its mantra: sharing experiences, networking and conviviality. (credit: NH)
Last debate of the morning: cybersecurity with the intervention carefully followed by the digital security delegate for the Pays de la Loire region of ANSSI, Jean-Sylvain Chavanne. “Many companies have been impacted by ransomware, for example in the food industry with a service company that lost 20 years of its data and another whose labeller was infected and caused 2 weeks of service interruption” . In addition to ransomware infections, the delegate from the National Information Systems Security Agency also pointed out – as in the Grand Est – the lack of site monitoring and the rise of cryptomining that hackers are installing. on the servers of communities that are often overwhelmed in terms of human and financial resources to properly secure their infrastructures. “Among the 42 tips in the digital hygiene guide published by ANSSI, emphasis must be placed on correctly setting up your infrastructures, knowing your assets and the information they contain, monitoring and backing up,” summarized Jean-Sylvain Chavanne.
A nice lunch cocktail awaited the participants in the IT Tour, an event – free – organized by the editorial staff of Le Monde Informatique and ADN Ouest. (credit: NH)