CTI-EU event
This is a folder for the CTI-EU event
This is a folder for the CTI-EU event
CTI – EU | Bonding EU Cyber Threat Intelligence
- https://www.enisa.europa.eu/events/cti-eu-event/enisa-cti-eu-event
- CTI – EU | Bonding EU Cyber Threat Intelligence
- 2017-10-30T14:00:00+02:00
- 2017-10-31T16:30:00+02:00
- The event will cover the subject of Cyber Threat Intelligence (CTI) and is named CTI-EU. It will be organized by ENISA with the support of various EU services. DG-Connect/H1 and EC3 have already confirmed their support while the goal is to have the support of more EU bodies before the event.
- What ENISA events Threat landscape
- When Oct 30, 2017 02:00 PM to Oct 31, 2017 04:30 PM
- Where Link Campus University, Via del Casale di S. Pio V, 44, 00165 Roma
- Add event to calendar iCal
The event is going to be organized in Rome, Italy, from October 30th to 31st. The venue of the event are the premises of the Link University in Rome. The event will be free of charge.
The following CTI thematic areas will be covered:
- CTI Information sharing
- Active defence
- Automation of CTI
- Embedding CTI in security organization and good practices
- CTI capabilities, skills, education and training and research
For each of the above group of topics, a dedicated workshop will be organized. Each of those parallel workshops will last for ca. 4 hours. In each workshop, position statements of participants will be made. These statements will regard solutions, experiences, problems, open points, etc. formulated by CTI stakeholders of various types. We foresee ca. 4 such presentation lasting for ca. 15 minutes. Care will be taken to have all stakeholder groups represented in those presentations (mainly business users, vendors, governments, end-users/SMEs). Each presentation will last for ca. 15 minutes, followed by a discussion of ca. 15 minutes. Points discussed will be collected and finally prioritized.
The results of all workshops will be presented by means of a plenary session in the afternoon. The results of each workshop will be presented within a ca. 20 minutes slot.
The total duration of the event will be from ca. 14:00 – 17:00 on October 30th and from 9:00 to ca. 16:30 on October 31st. The breakout workshops will last for ca. 4 hours, while the plenary session in the afternoon will last 2 hours. On the 30th a plenary session will be organized that will also serve as “ice-breaker” for the participants. Some additional social activities (e.g. reception) will be organized. Details will be announced in due time.
ENISA would like to offer the opportunity to non-profit organizations/activities in the area of Cyber Threat Intelligence, such as EU Horizon 2020 projects, national academic research and developments projects, open source communities, etc. to disseminate their work through this event. This can be achieved by means of posters, flyers, tool demonstrations etc.
Interested organizations are encouraged to contact ENISA to express their interest, together with some information about the dissemination material (short description of the item to be presented, relevance to CTI, method of presentation, particular presentation requirements). ENISA will review this material via the ENISA Threat Landscape Stakeholder Group and will inform the organizations about the acceptance of their presentation. The review of the material is considered as a filter for the relevance and quality of the submissions but also for the spatial availabilities at the venue of the event.
The final agenda of the event is available online.
Details of the event structure and contributors can be found here.
The presentation slides are available here.
The event is organized in cooperation with:
|
| ||
---|---|---|---|
DG Connect/H1 | Europol EC3 |
CERT-EU | European Defence Agency |
CTI-EU Event Presentations
30 October 2017
Opening Session: CTI in EU Institutions
- Cyber Threat Intelligence Information Sharing for EU-led military Operations – Is the time ready now?
Wolfgang Röhrig - Cyber Threat Intelligence CERT-EU vision
Kyriakos Satlas - CTI at ENISA: Now and then
Louis Marinos - Cyber Intel within European Cybercrime Center Ops
Álvaro Azofra - Digging in the dark web
Pierluigi Paganini
31 October 2017
Session 1 – CTI Information Sharing
- CTI - How to get your community sharing
Andras Iklody - Conclusion
Jane Ginn, Stavros Lingris
Session 2 – Active Defence
- Enhanced Attribution
Tejas Patel (authored by Angelos D. Keromytis) - Active Defence at European Economic & Social Committee
Dimitrios Margaritis - Active Defence with Attack Trees & Deception
David Barroso - Harnessing Autonomy for Countering Cyberadversary Systems (HACCS)
Tejas Patel (authored by Angelos D. Keromytis) - Conclusion
Cosmin Ciobanu
Session 3 – Automation of CTI
- Supporting CSIRT capabilities and reduce manual operations
Alexandre Dulaunoy - Automation architectures
Paweł Pawliński - Conclusion
Alexandre Dulaunoy
Session 4 – Embedding CTI in security organisation and good practices
- Using CTI for prioritizing security improvements
Paul Samwel - Scaling Intelligence for communities
Chris O’Brian - Translating Intelligence for the Business
Tierman Connolly - CTI capability framework
Richard Kerkdijk - Conclusion
Paul Samwel, Chris O’Brian, Tiernan Connolly, Richard Kerkdijk
Further reading: Innovating in Cyber Security
Session 5 – CTI capabilities, skills, education training and research
- Cyber Security capabilities FICORA’s experience as a CERT & NRA
Heidi Kivekäs - Lessons Learned from Teaching CTI All Over the World
Jess Garcia - Current training & educational opportunities: An academic approach & what the employers need
Prof. Marco Cremonini - H2020 SAINT project & CTI
Prof. Latif Ladid - Secure Information Sharing Sensor Delivery Event Network
Adam Kozakiewicz - Current skills gap for capable CTI analysts: Training for forensics & analysis
Selene Giupponi - Conclusion
Adnreas Sfakianakis, Jart Armin
CTI-EU Event Presentations
Supporting CSIRT capabilities and reduce manual operations
alexandre-dulaunoy-csirt-automation.pdf — 89.2 KB
- Current skills gap for capable CTI analysts
Current skills gap for capable CTI analysts.pdf — 1015.0 KB