The 24th edition of the Assises de la Cybersécurité, held in Monaco from 9 to 12 October, brought together nearly 3,300 participants and 180 partners. This international summit brings together start-ups, SMEs and major industrial groups from a variety of regions. Some of them are based in the Principality of Monaco. It is an opportunity for the Minister of State, Didier Guillaume, to emphasise the need to strengthen the security of information systems in a generally uncertain environment. Maria Iacono, Director of the conference, said: ‘Working together for cybersecurity is not just an added value, it's a necessity. By joining forces and sharing our knowledge, we can create a secure and resilient digital environment for all.
CMB Monaco was present at the conference. So we asked Olivier PAGES, the bank's Executive Director in charge of Innovation and Digital Affairs at the AMAF, and Mathieu HERNANDEZ, the bank's Head of Information Systems Security, about their participation in the event.
You attended this year's Assises de la Cybersécurité. What were your objectives?
Olivier PAGES :
Mainly, to strengthen our network of contacts in the field of cybersecurity, share our experiences and learn from best practices in this sector. This enables us to continue to protect our customers' data as effectively as possible and ensure the resilience of our systems. The Assises are a valuable opportunity to discover the latest trends and create opportunities for collaboration within the cybersecurity community.
What are your impressions of the conference? What key lessons did you learn?
Mathieu HERNANDEZ:
The Cybersecurity Conference has once again proved its importance as a platform for exchange and reflection. The discussions and presentations enabled me to note a growing consensus on the importance of anticipation and resilience. This year, I particularly noted the emphasis on discussions around artificial intelligence. What are the risks associated with AI, but also how AI can strengthen defences against cyber attacks, and optimise threat detection. In addition, the sharing of experiences on incident management was invaluable, underlining the need for greater coordination between stakeholders.
Will any of the information gathered at the conference influence the development of your cybersecurity strategy?
Mathieu HERNANDEZ :
Absolutely. The conference highlighted innovative approaches and trends that we want to incorporate into our cybersecurity strategy. Firstly, the growing use of artificial intelligence is encouraging us to explore predictive analysis tools for proactive threat identification. In addition, discussions on the risks associated with digital supply chains are leading us to review our approach to security with our partners and suppliers. Finally, strengthening our incident and crisis management processes is becoming a priority to better meet regulatory requirements (particularly the DORA* regulations). These areas will be incorporated into our roadmap to strengthen our resilience in the face of cyber threats.
What are CMB Monaco's most pressing challenges in this area?
Mathieu HERNADEZ:
The major challenges include protection against cyber attacks, managing the risks associated with new technologies, and rapidly changing regulations. To meet these challenges, we have focused on strengthening our detection and response capabilities. This means relying on cutting-edge technologies, including artificial intelligence, to support our team in this crucial work.
How does the bank integrate cybersecurity solutions into its day-to-day operations?
Mathieu HERNANDEZ :
At every level of our operations. We monitor and detect potential threats in real time. At the same time, we have put in place processes to guarantee security throughout the lifecycle of our systems, from design to disposal. Raising awareness and training users is also a key part of our strategy, because technology alone is not enough.
What role does innovation play in your cybersecurity strategy?
Olivier PAGES :
Innovation is at the heart of our strategy. It's crucial that we don't just react to threats, but anticipate them and control them in advance. The banking world, in particular, must now adopt a proactive stance, because when it comes to cybersecurity, intervening after the fact is often already too late. So we are constantly investing in new technologies and emerging solutions to stay ahead of cyber threats. This enables us to guarantee the protection of our systems and data, while supporting our teams in their defence mission.
Have you set up any partnerships to strengthen your IT security?
Mathieu HERNANDEZ :
We work with cybersecurity experts, partner financial institutions, regulatory bodies such as the AMSN, and of course our Mediobanca Group. Cyber intelligence is essential, and these exchanges help us to better understand the potential impact of new technologies on our systems. This enables us to improve our collective resilience.
How does the bank protect its customers' personal data in the face of cyber threats?
Olivier PAGES :
We implement rigorous security measures throughout the lifecycle of our systems, from design to disposal. We carry out regular audits and strengthen our security controls, with an increasing focus on automation to increase our efficiency. This strategy enables us to carry out checks both upstream and downstream, and to intervene rapidly in the event of an incident.
In addition, ongoing training of our teams is crucial to maintaining a proactive approach, and we work closely with experts to keep abreast of emerging threats.
* On 16 January 2023, the DORA Regulation and associated Directive came into force, following their adoption by the Council of the European Union in November 2022. It is an innovative regulatory framework that addresses the risks posed by the profound digital transformation of financial services, the increasing interconnection of networks and critical infrastructures, and the growing number and sophistication of cyber attacks on financial sector players.