National CSIRT-CY Activities

Με επιτυχία διεξήχθη στις 16-17 Σεπτεμβρίου 2019, το 58ο TF-CSIRT στην Πάφο υπό την αιγίδα του Εθνικού CSIRT-CY και της Αρχής Ψηφιακής Ασφάλειας.

Στο συνέδριο συμμετείχαν εκπρόσωποι από τo European Security and Defence College, από τον Ευρωπαϊκό οργανισμούς ENISΑ, από τον οργανισμό FIRST, Trusted Introducer, το Ακαδημαϊκό CSIRT της Κύπρου, όπως και δεκάδες εκπροσώπους Εθνικών Ομάδων από το εξωτερικό, εκπροσώπους των κρίσιμων υποδομών της Κυπριακής Δημοκρατίας, ιδιωτικές Κυπριακές εταιρίες που ασχολούνται με την κυβερνο-ασφάλεια όπως και κατασκευαστές προϊόντων κυβερνο-ασφάλειας.

 

Η επίσημη έναρξη του συνεδρίου έγινε το πρωί των 16 Σεπτεμβρίου με πάνω απο 150 συμμετέχοντες.

Read more »

Training on “Mobile Threats Incident Handling and Malware Analysis Memory Forensics” was successfully held on Thursday 1st and Friday 2nd of August 2019 for the National CSIRT-CY analysts and representatives of Critical Information Infrastructures from ENISA’s trainers (European Union Agency for Network and Information Security).

 

The 58th TF-CSIRT Meeting will take place from 16th – 17th September 2019 at the Annabelle Hotel, Paphos, Cyprus hosted by the National CSIRT-CY.

Registration

Registration is OPEN.

 

TF-CSIRT Mission

The mission of TF-CSIRT is to facilitate and improve the collaboration between the European CSIRT community to make cyberspace a better place.

Read more »

Under the auspices of the European Security and Defence College (ESDC), the Digital Security Authority (DSA) and the National CSIRT-CY of Cyprus had the great honour of organising a course dedicated to cyber challenges in the areas of information and risk management, incident handling, threat intelligence and media monitoring and response. The course held in Nicosia on 13th to 15 of May 2019.

The course is intended to strengthen the establishment of the Cyber Education Training Exercise and Evaluation (ETEE) platform of the ESDC and widen the scope of its activities by addressing technical and tactical/operational-level training.

The course gave the participants an insight into the basics of defending an infrastructure and a thorough review of an incident lifecycle, detailing all steps and taking the audience through a case study with questions that initiated fruitful discussions.

The main takeaway of the discussions was that there is no ‘one-size-fits-all’ approach to incident response.

Keynotes

Day 1

Incident Management: Tactics and Techniques – Theodoros Nikolakopoulos, European Union Agency for Network and Information Security

Introduction to risk management – Sigitas Rokas, Information and cybersecurity risk management, NRD

Risk identification, assessment, and response – Sigitas Rokas, Information and cybersecurity risk management, NRD

Risk Monitoring – Sigitas Rokas, Information and cybersecurity risk management, NRD

Day 2

Methodology of Attacks and Countermeasures – Dr Nikos Bardis, Assistant Professor at the Hellenic Army Academy

Forensic Analysis – Dr Nicolaos Doukas, Assistant Professor at the Hellenic Army Academy

Malware Analysis – Nicolaos Giannakopoulos, HNDGS/E6 (Cyber Defense Directorate)

Introduction to the topic of Hybrid Threats – Dr Georgios Giannopoulos, Joint Research Centre (JRC-ISPRA)

Tabletop Exercises – Dr Georgios Giannopoulos, Joint Research Centre (JRC-ISPRA), Dr Georgios Theodoridis, Joint Research Centre (JRC-ISPRA)

Day 3

Physics of a WiFi MiTM attack – Professor Stavros Stavrou, Dean – Open University of Cyprus, Chairman – EAB.Cyber

Media Monitoring and Response, Targeted OSINT Search – Kazimieras Sadauskas, Media Monitoring and Response, Targeted OSINT Search

 

 

 

On 7 March 2019, certified experts from ENISA, together with representative from the National Cyber Security Centre of Portugal concluded the peer review process of assessing maturity level of National CSIRT of The Republic of Cyprus.

CSIRT-CY is responsible for the increase of the security posture of Cyprus by enhancing the cyber protection of its National Critical Information Infrastructures, banks and Internet Service Providers.

Peer review is an important part of ENISA CSIRT maturity evaluation process. It is addressed to CSIRT teams, to help them improve and enhance their maturity, together with the self-assessment approach. The whole process is based on the SIM3 (Security Incident Management Maturity Model) model and further described in the ENISA Study on CSIRT Maturity – Evaluation Process.

Peer reviews are conducted between trusted teams and are intended as a form of intra-community mutual support, aimed at further enhancing all teams’ maturity.

The maturity evaluation process is adopted by the CSIRTs. It is planned that all CSIRT Network members will undergo such an evaluation by the end of 2019. This will help national CSIRTs reach the high-level requirements of the EU Network and Information Security Directive NISD.

 

The information contained in this website is for general information purposes only. The information is gathered from ENISA while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
Through this website, you are able to link to other websites which are not under the control of CSIRT-CY. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. However, CSIRT-CY takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.