Με επιτυχία διεξήχθη την Πέμπτη 1η και Παρασκευή 2 Αυγούστου 2019, η εκπαίδευση με θέμα «Mobile Threats Incident Handling and Malware Analysis Memory Forensics» στους αναλυτές του Εθνικού CSIRT-CY και αντιπροσώπων των κρίσιμων πληροφοριακών υποδομων από τους εκπαιδευτές του Ευρωπαϊκό οργανισμού ENISA (European Union Agency for Network and Information Security).
Registration is OPEN.
The mission of TF-CSIRT is to facilitate and improve the collaboration between the European CSIRT community to make cyberspace a better place.
Under the auspices of the European Security and Defence College (ESDC), the Digital Security Authority (DSA) and the National CSIRT-CY of Cyprus had the great honour of organising a course dedicated to cyber challenges in the areas of information and risk management, incident handling, threat intelligence and media monitoring and response. The course held in Nicosia on 13th to 15 of May 2019.
The course is intended to strengthen the establishment of the Cyber Education Training Exercise and Evaluation (ETEE) platform of the ESDC and widen the scope of its activities by addressing technical and tactical/operational-level training.
The course gave the participants an insight into the basics of defending an infrastructure and a thorough review of an incident lifecycle, detailing all steps and taking the audience through a case study with questions that initiated fruitful discussions.
The main takeaway of the discussions was that there is no ‘one-size-fits-all’ approach to incident response.
Keynotes
Day 1
Incident Management: Tactics and Techniques – Theodoros Nikolakopoulos, European Union Agency for Network and Information Security
Introduction to risk management – Sigitas Rokas, Information and cybersecurity risk management, NRD
Risk identification, assessment, and response – Sigitas Rokas, Information and cybersecurity risk management, NRD
Risk Monitoring – Sigitas Rokas, Information and cybersecurity risk management, NRD
Day 2
Methodology of Attacks and Countermeasures – Dr Nikos Bardis, Assistant Professor at the Hellenic Army Academy
Forensic Analysis – Dr Nicolaos Doukas, Assistant Professor at the Hellenic Army Academy
Malware Analysis – Nicolaos Giannakopoulos, HNDGS/E6 (Cyber Defense Directorate)
Introduction to the topic of Hybrid Threats – Dr Georgios Giannopoulos, Joint Research Centre (JRC-ISPRA)
Tabletop Exercises – Dr Georgios Giannopoulos, Joint Research Centre (JRC-ISPRA), Dr Georgios Theodoridis, Joint Research Centre (JRC-ISPRA)
Day 3
Physics of a WiFi MiTM attack – Professor Stavros Stavrou, Dean – Open University of Cyprus, Chairman – EAB.Cyber
Media Monitoring and Response, Targeted OSINT Search – Kazimieras Sadauskas, Media Monitoring and Response, Targeted OSINT Search
On 7 March 2019, certified experts from ENISA, together with representative from the National Cyber Security Centre of Portugal concluded the peer review process of assessing maturity level of National CSIRT of The Republic of Cyprus.
CSIRT-CY is responsible for the increase of the security posture of Cyprus by enhancing the cyber protection of its National Critical Information Infrastructures, banks and Internet Service Providers.
Peer review is an important part of ENISA CSIRT maturity evaluation process. It is addressed to CSIRT teams, to help them improve and enhance their maturity, together with the self-assessment approach. The whole process is based on the SIM3 (Security Incident Management Maturity Model) model and further described in the ENISA Study on CSIRT Maturity – Evaluation Process.
Peer reviews are conducted between trusted teams and are intended as a form of intra-community mutual support, aimed at further enhancing all teams’ maturity.
The maturity evaluation process is adopted by the CSIRTs. It is planned that all CSIRT Network members will undergo such an evaluation by the end of 2019. This will help national CSIRTs reach the high-level requirements of the EU Network and Information Security Directive NISD.
επί της Απόφασης αναφορικά με την υποχρέωση των φορέων εκμετάλλευσης βασικών υπηρεσιών ή και φορέων κρίσιμων υποδομών πληροφοριών ή και παροχέων ψηφιακών υπηρεσιών για κοινοποίηση κάθε συμβάντος το οποίο έχει σοβαρό αντίκτυπο στη συνέχιση των υπηρεσιών που παρέχουν.
