Dear Colleagues,
It is our pleasure to welcome you to the 6th Network and Information Security (NIS'19) Summer School, taking place in Crete, Greece, 16 September - 20 September 2019. This event, having a different "special theme" every year, is jointly organised by the European Union Agency for cybersecurity (ENISA) and the Foundation for Research and Technology - Hellas (FORTH).
The theme for this year is
"Security Challenges of Emerging Technologies".
The Security Challenges of
Emerging Technologies refer to the security challenges and opportunities posed by new technologies.
Examples hereto are Artificial Intelligence, Modern Network Infrastructures (i.e. 5G) , IoT
applications, Machine Learning, etc.
ENISA is dedicated to promoting a culture of security in Europe that will improve the ability of EU Member States to respond to cyber-attacks. It does so, by pursuing a strategy of mitigating risks through awareness, studies, reports and position papers on current NIS matters. Towards this objective, ENISA and FORTH, a research center devoted to advancing the State-of-the-Art, bring together to this Summer School a distinguished faculty from around the world with the purpose to identify current trends, threats and opportunities against the background of recent advances on NIS measures and policies.
Recognising the multi-dimensional facets and intricacies causing changes in the information risks landscape, an array of lectures will cover a variety of key aspects on policy, economic, legal and research matters. The audience includes policy makers from EU Member States and EU Institutions, decision makers from industry and members of the academic community.
By going through a natural evolution cycle, but also by adopting current trends in networking and exchange of knowledge, this year’s Summer School aims at increasing interaction among participants. Targeted breakout sessions will enhance dialogue and exchange of ideas, while cutting edge security issues will be collected before the event through publicly accessible fora and will be channelled to the discussions. Wrap-ups of these interactive sessions will be worked out and distributed during the event.
We would like to thank our keynote speakers, facilitators and faculty for contributing to a programme of such high quality, and we are confident that the participants of NIS'19 will both benefit from, and enjoy the programme.
The organizers of the NIS Summer School would like to offer the opportunity to non-profit organizations/activities in the area of Cyber Threat Intelligence, such as EU Horizon 2020 projects, national academic research and developments projects, open source communities, etc. to disseminate their work through this event. This can be achieved by means of posters, flyers, tool demonstrations etc.
Interested organizations are encouraged to contact the organizer to express their interest, together with some information about the dissemination material (short description of the item to be presented, relevance to CTI, method of presentation, particular presentation requirements). The organizer will review this material via its stakeholder and will inform the project about the acceptance of their presentation. The review of the material is thought as a filter for the relevance and quality of the submissions but also spatial availabilities at the venue of the event.
Interested organizations may contact us through the functional mailbox event.management@nis-summer-school.enisa.europa.eu
Sotiris Ioannidis | Foundation for Research and Technology - Hellas |
Louis Marinos | European Union Agency for cybersecurity |
Andreas Miaoudakis | Foundation for Research and Technology - Hellas |
Maria Mastoraki | Foundation for Research and Technology - Hellas |
Othonas Soultatos | Foundation for Research and Technology - Hellas |
Ioannis Askoxylakis | DG CONNECT European Commission |
Barbara Carminati | University of Insubria |
Gabi Dreo Rodosek | Universität der Bundeswehr München |
Elena Ferrari | University of Insubria |
Konstantinos Fysarakis | Sphynx Technology Solutions AG |
Vasilis Katos | Bournemouth University |
The NIS 2019 Summer School will be held at the Atlantis Aquila Hotel, which is located
in the heart of Heraklion. Address:
2 Ygias street,
71202 Heraklion,
Crete, Greece
In order to help with your planning, a number of rooms in the venue hotel Aquila
Atlantis hotel, as well as to other hotels within walking distance of the venue, have been blocked
by CCBS
GREECE, which is our official accommodation supplier. Hotel rooms are available
in different room and price categories for conference delegates in special rates. Book early to
secure your room and take advantage of the special negotiated rates.
Due to the high tourist
season in Crete in September, NIS2019 participants are advised to make their hotel reservations as
soon as possible. If by the time CCBS Greece receives your room request, the hotel you have selected
is already fully booked, CCBS Greece will propose an alternative similar hotel at the same price
range.
Hotel rooms can be booked via the main online registration
form.
Your Room Reservation is not complete until payment has been
received. Payment is available through the online registration form, with bank transfer or credit card (VISA or
MASTER).
Printable version of the program can be downloaded following this link
Günter Schäfer received his Diploma and Ph.D in computer science from the University of Karlsruhe (today Karlsruhe Institute of Technology), Germany in 1994 and 1998, respectively. After researching and teachingat Ecole Nationale Superieure des Telecommunications in Paris, France (1999-2000) and Technical University of Berlin, Germany (2000-2005), he was appointed full professor of telecommunications/computer networking at the Technical University of Ilmenau, Germany.
His main research areas are network security, as well as design and performance evaluation of communication protocols and architectures
Navy Captain Papageorgiou has significant experience (more than 18 years) in
information security and cyber defense research and implementations with a focus on
red teaming, penetration testing, incident handling, digital forensics and system
security.
He is responsible for organizing and implementing the Hellenic National Cyber
Defense Exercise, since 2010. He has experience in writing and implementing
technical cyber defense scenarios and exercises regarding server side attacks
(remote exploitation), client side attacks, malware analysis, forensics analysis,
incident handling, etc. br
He is responsible for organizing the Military Cyber Defense School. He teaches Red
teaming (Penetration testing), windows security, windows and linux forensics and
incident handling.
He is a GIAC Certified Security Professional (Incident Handling, Reversing Malware,
System and Network Penetration Tester, Forensics Analyst).
He teaches as an expert in the University of Piraeus, Windows Forensics and System
Penetration testing.
He has been member of the red team in the Cyber Defense Exercise “LOCKED
Shields”, organized by the NATO Cooperative Cyber Defense Centre of Excellence.
He is a regular speaker regarding cyber security and cyber defense
presentations at Suprime Joint War College (ADISPO) and also at Hellenic National
Defense College.
Only 10 slots will be available. After your NIS 19 registration is completed, please send an email to event.management@nis-summer-school.enisa.europa.eu to mention your interest in participating.
In this session we offer the serious game HATCH (Hack And Trick Capricious Humans). The serious game HATCH has been developed by the Social Engineering Academy in 2016 and has been used in social engineering threat analysis and awareness training sessions with over 500 participants in total. HATCH is a card game that is played in companies primarily with non security-experts. The game allows to elicit domain-specific threats, teach employees about the dangers of attacks and their consequences. In this event, we will base the game on an autonomous shipping scenario from the EU project Threat Arrest. HATCH will emerge you in the role of a social engineering attacker who is planning to steal, capture or raise havoc on ships. We welcome you to show your skills and learn about social engineering in an enjoyable way.
Prof. Christof Wunderlich holds a chair for Experimental Physics (Quantum Optics) at Siegen University, Germany. His research focuses on the exploration and development of new schemes for quantum information processing using individual atoms, and on fundamental questions of quantum physics. He did the Habilitation developing novel concepts for experiments with trapped ions with P. E. Toschek and W. Neuhauser at Hamburg University. Previously, he worked with Serge Haroche (Nobel Prize in 2012, Ecole Normale Supérieure, Paris, France) and was privileged to participate in cavity quantum electrodynamics experiments on fundamental questions of quantum physics. He initiated the investigation of molecules exposed to intense laser fields working with T. W. Hänsch (Nobel Prize in 2005, Ludwig-Maximilians-Universität and Max-Planck-Institute for Quantum Optics, Munich, Germany), and received a PhD for his research on tunneling through light-induced molecular potentials.
The physics PhD has enjoyed a 20-year career in IT security, having previously held
positions at RWTÜV AG and TÜV Informationstechnik GmbH in Germany. Dr Rainer
Baumgart has been with secunet when it was founded in 1997. He joined the Board of
secunet Security Networks AG when it became a listed company in 1999 and has been
Chairman of the Board from 2001 until he retired in June 2019.
At the European level, Dr Baumgart is member of the ENISA (European Network and
Information Security Agency) Stakeholder’s Group.
Mario Beccia holds a university degree in Economics&Management, an MBA in management of innovation, and several certifications in the cybersecurity and information technology domain (CISSP, CCSP, ITIL, TOGAF9).
He started his career in 1997 by joining a start-up company focused on the use of web technologies for businesses. He then worked as independent consultant on IT and Information Assurance projects in Italy and Belgium.
He joined NATO Allied Command Transformation in 2006, where he worked on business transformation and capability development programs. He supported the setup of the NCIRC (NATO Computer Incident Response Capability) program by collecting and engineering requirements, championing the creation of an implementation roadmap for Cyber Defence in NATO, working with various Cyber Defence entities in the organization (Cyber Defence Committee, C3Board, Emerging Security Challenges Division, NCIA, NATO Office of Security, etc…).
He served as technical director for Cyber Coalition (one of the largest Cyber Defence exercises n NATO), and led the Cyber Defence tracks of CWIX (an exercise to test and validate interoperability between NATO and NATO nations’ C2 systems).
He setup the Cyber Defence track of the TIDE Sprint (a think-tank with participants from industry, NATO nations and other international organizations), and the Cyber Defence portion of the FFCI (NATO’s Framework For Collaborative Interaction, aimed at enabling knowledge exchange between NATO and industry).
He moved on to the NATO C&I Agency in 2015, where he supported the creation of several Cyber Defence information exchange programs (including the NICP, NATO Industry Cyber Partnership). He led the NCIRC implementation program by setting up and running projects intended to expand and consolidate the capability, such as 10 Additional Sites, ANWI/New NATO HQ, BMD, IT Modernization Adaptations.
He recently joined EDA as Project Officer Cyber Defence, leading several Cyber Defence initiatives in the Agency, in charge of several cross-domain and multinational projects under the PESCO framework and other multinational initiatives.
He is passionate about computer programming, crypto currencies and electric vehicles.
Bart Preneel is a full professor at the KU Leuven, where he heads the Imec-COSIC
research group, that has 80
members. He has authored numerous scientific publications & is inventor of five
patents. His research
interests are cryptography, cybersecurity & privacy. He is president of LSEC & has
been president of the IACR
(International Association for Cryptologic Research).
Bart has been invited speaker at more than 120 conferences in more than 40
countries. In 2014 he received the
RSA Award for Excellence in the Field of Mathematics & in 2016 he received the
Kristian Beckman Award from
IFIP TC11.
Only 10 slots will be available. After your NIS 19 registration is completed, please send an email to event.management@nis-summer-school.enisa.europa.eu to mention your interest in participating.
In this session we offer the serious game HATCH (Hack And Trick Capricious Humans). The serious game HATCH has been developed by the Social Engineering Academy in 2016 and has been used in social engineering threat analysis and awareness training sessions with over 500 participants in total. HATCH is a card game that is played in companies primarily with non security-experts. The game allows to elicit domain-specific threats, teach employees about the dangers of attacks and their consequences. In this event, we will base the game on an autonomous shipping scenario from the EU project Threat Arrest. HATCH will emerge you in the role of a social engineering attacker who is planning to steal, capture or raise havoc on ships. We welcome you to show your skills and learn about social engineering in an enjoyable way.
Andreas Sfakianakis is a Cyber Threat Intelligence and Incident Response professional. Andreas is currently a CTI Analyst of Royal Dutch Shell based in Netherlands. He is also a member of European Network and Information Security Agency’s Threat Landscape Stakeholders’ Group and an external expert for ENISA and European Commission. He is a former CTI Analyst at Lloyds Banking Group and Network Information Security Expert at ENISA. He has more than 5 years of experience on Cyber Threat Intelligence field working and engaging with organizations from the banking and Oil & Gas sectors, European agencies, CERTs/CSIRTs, law-enforcement, intelligence professionals and researchers.
Andreas has been the co-author of a number of reports, namely: WEF's Global Risks 2013: "Digital Wildfires in a Hyperconnected World", ENISA's Threat Landscape 2012, ENISA's report on "Exploring the opportunities and limitations of current Threat Intelligence Platforms". He has also participated in the reviewing of ENISA CERT exercises as well as in various research and innovation proposals for European Commission. Finally, Andreas has been the Editor-in-chief of the "Threat Intel Weekend Reads" newsletter for 3 years.
Theodoros Nikolakopoulos is a recognised and award-winning information security professional, with more than ten years’ experience.
Currently serving as a member of the ENISA CSIRT Relations team, responsible for training, stakeholder management, maintaining operational readiness, and enabling seamless and secure communication between the CSIRTs Network members.
Theodoros Nikolakopoulos has been previously engaged with Switzerlands' largest insurer; while initially tasked with Incident Management and Firewall Configuration Management, he was promoted to lead a virtual team of penetration testers, provide direct report to leadership, and drive technical consultancy as necessary. Prior to that, he worked for a dynamic CSIRT team, engaged with incident response and research on threat detection.
Theodoros Nikolakopoulos has been awarded an undergraduate and a postgraduate degree from two leading European universities; with both theses being strongly focused on information security.
During his career, he attended several accredited training programmes, gained a plethora of certifications, and has delivered impactful publications and presentations.
Christian Van Heurck is a member of the ENISA CSIRT Relations Team. He has a background in Physics, moved on to IT Project Management for the City of Antwerp, the Port of Antwerp. He gave many IT trainings and eventually joined the Belgian NREN’s CSIRT as a Security Analyst. After that he was the Head of CERT.be –the Belgian National CSIRT– for many years. Christian joined the ENISA CSIRT Relations Team where he is also in charge if the Technical Trainings.
Dr. Panagiotis Rizomiliotis is an Assistant Professor at the Department of
Informatics and Telematics of the Harokopio University of Athens. He holds a BSc in
Informatics and Telecommunications, an MSc in radioelectrical engineering, and a PhD
in Cryptography, all from the National and Kapodistrian University of Athens,
Greece. In 2005, he joined COSIC research group at Katholieke Universiteit Leuven
and worked as a postdoc researcher for two years. From 2012 until 2017, he was
assistant professor at the Department of Information and Communication Systems
Engineering of the Aegean University, member of the Info-Sec-Lab and external
associate at the department of Digital Systems of the Piraeus University. Since
2012, he serves as a member of the plenary at the Hellenic Authority for
Communication Security and Privacy. He has been involved in numerous Greek and EU
funded R&D projects in the areas of Information and Communication Systems Security
the last 18 years.
His main research interests include cryptography, IoT and cloud security.
After obtaining his Honours Degree in Computer Engineering from the University of Pretoria in South Africa, Thinus joined the Maltego development team in 2012. Since then, he has developed transforms and generated content for Maltego. He has been involved with data mining projects, designing and writing of transforms, and the development of case studies and applications for Maltego. Thinus regularly presents training on the use of Maltego and facilitates organisations around the world to integrate their own internal data.
Thomas Roccia is security researcher on the McAfee Advanced Threat Research team. He works on threat intelligence, tracking cybercrime campaigns and collaborating with law enforcement agencies. In previous his role, Roccia worked on the McAfee Foundstone team, performing worldwide incident response, malware hunting, and penetration testing. He has helped customers during major outbreaks and managed highly critical situations. Roccia has developed workshops, training courses, and presentations. His work in security research includes malware, reverse engineering, vulnerabilities, and car hacking. He speaks regularly at security conferences.
Twitter: @fr0gger_
Roland Sako is a Swiss security researcher working in Kaspersky's Industrial Control Systems Cyber Emergency Response Team (ICS CERT) responsible for conducting vulnerability research and delivering trainings. Today Roland is particularly interested in security for embedded devices security and developing teaching tools for cybersecurity. He enjoys conduction penetration testing of 'Internet of Things' devices ranging from industrial control systems to smaller consumer devices. He has previous experience as a security consultant, and in the education team at Kaspersky. Roland graduated from the University of Lausanne with a degree in Legal Issues, Crimes and IT Security, with a focus on mobile forensics.
Have you ever wondered how malware impacts ICS environments and how we respond to such crisis? During this talk, we will give you an insight of what it takes to work with ICS incidents response and forensics cases. After a brief introduction to our methodology, we will explain you how non ICS-specific malware can cause a notable impact to critical infrastructures. To illustrate our sayings, let us tell you how we dealt with an attack that touched a cement plant, how we manage to figure out exactly what happened solely using a single PCAP file. Also, we will go back to the well-known case of WannaCry and how we dealt with it. Based on several cases we did a research how such malware gets access to isolated ICS environment.
Konstantin Sapronov has had an extensive career in cyber security. Starting in 2000, he worked for Kaspersky Lab in Moscow, steadily taking on more tasks, from Non-Intel Threats Research Group Manager to Head of Virus Lab APAC in China. With over 20 years of IT technologies experience, mostly in security fields, and more than 15 years in the AntiVirus field, he now is the Head of Global Emergency Response Team. Konstantin is an distinguished expert in Computer Forensics and Incident Management. He analyzed malicious programs and computers threats and developed remedies for them. He has a solid understanding of computer viruses, exploits, and shell codes and has utmost knowledge of today's malware landscape and threat families.
During the presentation a few different cases from real Incident Response practice will be shared and it will be demnstrated that today cyber-attacks target all businesses’ types around the globe. Every case will be present in details. Initial point of attack, lateral movement technics used as well as tools for investigation will be discussed for every case.
Major Dimitrios Taketzis is a member of the defensive operations department with a
focus on incident handling and digital forensics.
He is the standing representative on the Computer Security Incident Response Team
(CSIRT) network and representing Greece in the regular meetings.
He is certified by GIAC in Security Essentials.
He graduated from George C. Marshall European Center for Security Studies (Program
on Cyber Security Studies).
He participates in the regular Cyber Exercises “Cyber Coaltion” and “Locked
Shields”, organized by the NATO Cooperative Cyber Defense Center of Excellence.
Visit to archaelogical site of Knossos
There are four types of registration available:
industry | academia/public sector | students | |
Complete Event | 600 € | 400 € | 200 € |
Conference only | 300 € | 200 € | 100 € |
Training session only | 300 € | 200 € | 100 € |
Poster Presentation | 500 € | 500 € | 500 € |
Through the registration link you will be able to register to the
workshop and if you wish, you will also be able to make a hotel reservation to the proposed
hotels with the special rates we have established for the conference participants.
Please
do not forget to mention your training course preference during registration ( i.e. CTI, IM,
CD or ENC).
A cancellation fee of €50 applies. No cancellation will be
allowed after July 30th, 2019. If you cannot attend you may transfer the
registration to another person. Any cancellations MUST BE RECEIVED by email nis2019@ccbsgreece.gr or fax +30 2810 330606
Registration & Accommodation is available through:
CCBS GREECE
LP
Cretan Conference and Business Services L.P.
6 Pediados Str, 71201, Heraklion
GR
Tel: +30 2810 331010, Fax: +30 2810 330606
VAT: GR800532670
GNTO: 1039 E 60000
02246 01
European Union Agency for cybersecurity
1 Vasilissis Sofias Str Maroussi 151
24
Attiki, Greece
Tel: +30 28 14 40 9711
Foundation for Research and Technology - Hellas
N. Plastira 100, Vassilika
Vouton
Heraklion, GR-700 13, Crete, Greece
Tel.: +30 2810 391945