Welcome Note

Dear Colleagues,

It is our pleasure to welcome you to the 6th Network and Information Security (NIS'19) Summer School, taking place in Crete, Greece, 16 September - 20 September 2019. This event, having a different "special theme" every year, is jointly organised by the European Union Agency for cybersecurity (ENISA) and the Foundation for Research and Technology - Hellas (FORTH).

The theme for this year is "Security Challenges of Emerging Technologies".

The Security Challenges of Emerging Technologies refer to the security challenges and opportunities posed by new technologies. Examples hereto are Artificial Intelligence, Modern Network Infrastructures (i.e. 5G) , IoT applications, Machine Learning, etc.

ENISA is dedicated to promoting a culture of security in Europe that will improve the ability of EU Member States to respond to cyber-attacks. It does so, by pursuing a strategy of mitigating risks through awareness, studies, reports and position papers on current NIS matters. Towards this objective, ENISA and FORTH, a research center devoted to advancing the State-of-the-Art, bring together to this Summer School a distinguished faculty from around the world with the purpose to identify current trends, threats and opportunities against the background of recent advances on NIS measures and policies.

Recognising the multi-dimensional facets and intricacies causing changes in the information risks landscape, an array of lectures will cover a variety of key aspects on policy, economic, legal and research matters. The audience includes policy makers from EU Member States and EU Institutions, decision makers from industry and members of the academic community.

By going through a natural evolution cycle, but also by adopting current trends in networking and exchange of knowledge, this year’s Summer School aims at increasing interaction among participants. Targeted breakout sessions will enhance dialogue and exchange of ideas, while cutting edge security issues will be collected before the event through publicly accessible fora and will be channelled to the discussions. Wrap-ups of these interactive sessions will be worked out and distributed during the event.

We would like to thank our keynote speakers, facilitators and faculty for contributing to a programme of such high quality, and we are confident that the participants of NIS'19 will both benefit from, and enjoy the programme.

Overview

Prof. Dr. Udo Helmbrecht

Executive Director of ENISA

Overview

Prof. Nektarios Tavernarakis

Chairman of the Board Of Directors of FORTH

Call for Posters

The organizers of the NIS Summer School would like to offer the opportunity to non-profit organizations/activities in the area of Cyber Threat Intelligence, such as EU Horizon 2020 projects, national academic research and developments projects, open source communities, etc. to disseminate their work through this event. This can be achieved by means of posters, flyers, tool demonstrations etc.

Interested organizations are encouraged to contact the organizer to express their interest, together with some information about the dissemination material (short description of the item to be presented, relevance to CTI, method of presentation, particular presentation requirements). The organizer will review this material via its stakeholder and will inform the project about the acceptance of their presentation. The review of the material is thought as a filter for the relevance and quality of the submissions but also spatial availabilities at the venue of the event.


Interested organizations may contact us through the functional mailbox event.management@nis-summer-school.enisa.europa.eu

Speakers

More speakers TBA

Committees

Conference Chairs

Sotiris Ioannidis Foundation for Research and Technology - Hellas
Louis Marinos European Union Agency for cybersecurity

Organising Committee

Andreas Miaoudakis Foundation for Research and Technology - Hellas
Maria Mastoraki Foundation for Research and Technology - Hellas
Othonas Soultatos Foundation for Research and Technology - Hellas

Programme Committee

Ioannis Askoxylakis DG CONNECT European Commission
Barbara Carminati University of Insubria
Gabi Dreo Rodosek Universität der Bundeswehr München
Elena Ferrari University of Insubria
Konstantinos Fysarakis Sphynx Technology Solutions AG
Vasilis Katos Bournemouth University

Venue & Accommodation

The NIS 2019 Summer School will be held at the Atlantis Aquila Hotel, which is located in the heart of Heraklion. Address:
2 Ygias street,
71202 Heraklion,
Crete, Greece

Travel Information

Information about how to get to the conference venue Atlantis Aquila Hotel can be found in the link provided from the Hotel

Accommodation

In order to help with your planning, a number of rooms in the venue hotel Aquila Atlantis hotel, as well as to other hotels within walking distance of the venue, have been blocked by CCBS GREECE, which is our official accommodation supplier. Hotel rooms are available in different room and price categories for conference delegates in special rates. Book early to secure your room and take advantage of the special negotiated rates.
Due to the high tourist season in Crete in September, NIS2019 participants are advised to make their hotel reservations as soon as possible. If by the time CCBS Greece receives your room request, the hotel you have selected is already fully booked, CCBS Greece will propose an alternative similar hotel at the same price range.
Hotel rooms can be booked via the main online registration form.
Your Room Reservation is not complete until payment has been received. Payment is available through the online registration form, with bank transfer or credit card (VISA or MASTER).

Accommodation Cancellation Policy
  • Until August 14th , 2019 - Full refund minus 30€ administrative fee
  • From August 15th until August 25th, 2019 - Full refund minus 1 night accommodation fee
  • From August 26th until September 5th 2019 - Full refund minus 2 nights’ accommodation fee
  • From September 6th, 2019 onward - No refund of accommodation fees
Please note any changes or cancellations MUST BE RECEIVED by email at nis2019@ccbsgreece.gr or fax +30 2810330606

Summer School Program

Printable version of the program can be downloaded following this link

08:30-09:30
Conference Hall

Conference Registration

program
program
program
09:30-10:00
MINOS II

Welcome Addresses

Speakers:
Prof Nektarios Tavernarakis
Prof. Dr. Udo Helmbrecht
Mr Antonis Tzortzakakis

program
10:00-10:30
MINOS II

Why Europe needs a stronger ENISA

Speaker:Mr Kouroumbashev

program
10:30-11:00
MINOS II

Speaker: Despina Spanou

program
11:00-11:30
MINOS II

5G - 360ᵒ

Speaker: Antonis Tzortzakakis

11:30-12:00

Coffee Break

12:00-13:00
MINOS II

Policy Panel

13:00 - 14:00

Lunch

Tejas_Patel
14:00 - 14:45
MINOS II

DARPA Enhanced Attribution

Speaker:Tejas Patel

program
14:45 - 15:30
MINOS II

Secure Overlay-Based IPsec Discovery (SOLID) for Autoconfiguration of Large-Scale VPN Infrastructures

Prof. Dr.-Ing. Guenter Schaefer
Speaker short CV

Günter Schäfer received his Diploma and Ph.D in computer science from the University of Karlsruhe (today Karlsruhe Institute of Technology), Germany in 1994 and 1998, respectively. After researching and teachingat Ecole Nationale Superieure des Telecommunications in Paris, France (1999-2000) and Technical University of Berlin, Germany (2000-2005), he was appointed full professor of telecommunications/computer networking at the Technical University of Ilmenau, Germany.
His main research areas are network security, as well as design and performance evaluation of communication protocols and architectures

Francisco Luis De Andrés Pérez
15:30 - 16:00
MINOS II

Active Cyber Defense

Navy Captain Spyridon Papageorgiou
Speaker short CV

Navy Captain Papageorgiou has significant experience (more than 18 years) in information security and cyber defense research and implementations with a focus on red teaming, penetration testing, incident handling, digital forensics and system security.
He is responsible for organizing and implementing the Hellenic National Cyber Defense Exercise, since 2010. He has experience in writing and implementing technical cyber defense scenarios and exercises regarding server side attacks (remote exploitation), client side attacks, malware analysis, forensics analysis, incident handling, etc. br He is responsible for organizing the Military Cyber Defense School. He teaches Red teaming (Penetration testing), windows security, windows and linux forensics and incident handling.
He is a GIAC Certified Security Professional (Incident Handling, Reversing Malware, System and Network Penetration Tester, Forensics Analyst).
He teaches as an expert in the University of Piraeus, Windows Forensics and System Penetration testing.
He has been member of the red team in the Cyber Defense Exercise “LOCKED Shields”, organized by the NATO Cooperative Cyber Defense Centre of Excellence.
He is a regular speaker regarding cyber security and cyber defense presentations at Suprime Joint War College (ADISPO) and also at Hellenic National Defense College.

program
16:00-17:00
MINOS II

Malware detection and forensic for critical network infrastructure

Stefano De Crescenzo

17:30 - 19:30
MINOS II

Tabletop Security Gaming

Only 10 slots will be available. After your NIS 19 registration is completed, please send an email to event.management@nis-summer-school.enisa.europa.eu to mention your interest in participating.

In this session we offer the serious game HATCH (Hack And Trick Capricious Humans). The serious game HATCH has been developed by the Social Engineering Academy in 2016 and has been used in social engineering threat analysis and awareness training sessions with over 500 participants in total. HATCH is a card game that is played in companies primarily with non security-experts. The game allows to elicit domain-specific threats, teach employees about the dangers of attacks and their consequences. In this event, we will base the game on an autonomous shipping scenario from the EU project Threat Arrest. HATCH will emerge you in the role of a social engineering attacker who is planning to steal, capture or raise havoc on ships. We welcome you to show your skills and learn about social engineering in an enjoyable way.

Social Event

Location: Parasties

Francisco Luis De Andrés Pérez
09:00 - 10:00
MINOS II

Intelligence-driven Cyberattack Taxonomy

Speaker:Francisco Luis De Andrés Pérez

Christof Wunderlich
10:00 - 11:00
MINOS II

Quantum Computing with Trapped Ions and MAGIC

Prof. Christof Wunderlich
Speaker short CV

Prof. Christof Wunderlich holds a chair for Experimental Physics (Quantum Optics) at Siegen University, Germany. His research focuses on the exploration and development of new schemes for quantum information processing using individual atoms, and on fundamental questions of quantum physics. He did the Habilitation developing novel concepts for experiments with trapped ions with P. E. Toschek and W. Neuhauser at Hamburg University. Previously, he worked with Serge Haroche (Nobel Prize in 2012, Ecole Normale Supérieure, Paris, France) and was privileged to participate in cavity quantum electrodynamics experiments on fundamental questions of quantum physics. He initiated the investigation of molecules exposed to intense laser fields working with T. W. Hänsch (Nobel Prize in 2005, Ludwig-Maximilians-Universität and Max-Planck-Institute for Quantum Optics, Munich, Germany), and received a PhD for his research on tunneling through light-induced molecular potentials.

11:00-11:30

Coffee Break

Dr Rainer Baumgart
11:30-12:15
MINOS II

Experience and relevance of strategic F&E programmes for midrange security companies by using the example of the current hype on quantum computing

Speaker:Dr Rainer Baumgart
Speaker short CV

The physics PhD has enjoyed a 20-year career in IT security, having previously held positions at RWTÜV AG and TÜV Informationstechnik GmbH in Germany. Dr Rainer Baumgart has been with secunet when it was founded in 1997. He joined the Board of secunet Security Networks AG when it became a listed company in 1999 and has been Chairman of the Board from 2001 until he retired in June 2019.
At the European level, Dr Baumgart is member of the ENISA (European Network and Information Security Agency) Stakeholder’s Group.

12:15-13:00
MINOS II

Investigations and pivots on adversary infrastructures using open source intelligence

Speaker: Samuel Hassine
Head of Cyber Threat Intelligence Unit
French Cybersecurity Agency

13:00 - 14:00

Lunch

program
14:00 - 14:45
MINOS II

EDA Cyber Defence Program

Speaker: Mario Beccia
Speaker short CV

Mario Beccia holds a university degree in Economics&Management, an MBA in management of innovation, and several certifications in the cybersecurity and information technology domain (CISSP, CCSP, ITIL, TOGAF9).
He started his career in 1997 by joining a start-up company focused on the use of web technologies for businesses. He then worked as independent consultant on IT and Information Assurance projects in Italy and Belgium.
He joined NATO Allied Command Transformation in 2006, where he worked on business transformation and capability development programs. He supported the setup of the NCIRC (NATO Computer Incident Response Capability) program by collecting and engineering requirements, championing the creation of an implementation roadmap for Cyber Defence in NATO, working with various Cyber Defence entities in the organization (Cyber Defence Committee, C3Board, Emerging Security Challenges Division, NCIA, NATO Office of Security, etc…).
He served as technical director for Cyber Coalition (one of the largest Cyber Defence exercises n NATO), and led the Cyber Defence tracks of CWIX (an exercise to test and validate interoperability between NATO and NATO nations’ C2 systems).
He setup the Cyber Defence track of the TIDE Sprint (a think-tank with participants from industry, NATO nations and other international organizations), and the Cyber Defence portion of the FFCI (NATO’s Framework For Collaborative Interaction, aimed at enabling knowledge exchange between NATO and industry).
He moved on to the NATO C&I Agency in 2015, where he supported the creation of several Cyber Defence information exchange programs (including the NICP, NATO Industry Cyber Partnership). He led the NCIRC implementation program by setting up and running projects intended to expand and consolidate the capability, such as 10 Additional Sites, ANWI/New NATO HQ, BMD, IT Modernization Adaptations.
He recently joined EDA as Project Officer Cyber Defence, leading several Cyber Defence initiatives in the Agency, in charge of several cross-domain and multinational projects under the PESCO framework and other multinational initiatives.
He is passionate about computer programming, crypto currencies and electric vehicles.

14:45 - 16:00

Demonstrators / Posters

  • Short presentation from the demonstrators participating in the Summer School
  • Poster presentations

Bart preneel
16:00 - 17:00
MINOS II

Blockchain: hype or reality?

Speaker: Prof. Bart Preneel
Speaker short CV

Bart Preneel is a full professor at the KU Leuven, where he heads the Imec-COSIC research group, that has 80 members. He has authored numerous scientific publications & is inventor of five patents. His research interests are cryptography, cybersecurity & privacy. He is president of LSEC & has been president of the IACR (International Association for Cryptologic Research).
Bart has been invited speaker at more than 120 conferences in more than 40 countries. In 2014 he received the RSA Award for Excellence in the Field of Mathematics & in 2016 he received the Kristian Beckman Award from IFIP TC11.

17:30 - 19:30
MINOS II

Tabletop Security Gaming

Only 10 slots will be available. After your NIS 19 registration is completed, please send an email to event.management@nis-summer-school.enisa.europa.eu to mention your interest in participating.

In this session we offer the serious game HATCH (Hack And Trick Capricious Humans). The serious game HATCH has been developed by the Social Engineering Academy in 2016 and has been used in social engineering threat analysis and awareness training sessions with over 500 participants in total. HATCH is a card game that is played in companies primarily with non security-experts. The game allows to elicit domain-specific threats, teach employees about the dangers of attacks and their consequences. In this event, we will base the game on an autonomous shipping scenario from the EU project Threat Arrest. HATCH will emerge you in the role of a social engineering attacker who is planning to steal, capture or raise havoc on ships. We welcome you to show your skills and learn about social engineering in an enjoyable way.

09:00 - 11:00

MINOS I

Topics

  • Getting started with Cyber Threat Intelligence (CTI)
  • Key CTI concepts
  • Intelligence cycle
  • CTI Stakeholders

11:00-11:30

Coffee Break

11:30 - 13:00
MINOS I

Topics:

  • Strategic, operational, tactical CTI
  • CTI analytical models
  • CTI report writing
13:00 - 14:00

Lunch

program
14:00 - 15:30
MINOS I

Andreas Sfakianakis
Speaker short CV

Andreas Sfakianakis is a Cyber Threat Intelligence and Incident Response professional. Andreas is currently a CTI Analyst of Royal Dutch Shell based in Netherlands. He is also a member of European Network and Information Security Agency’s Threat Landscape Stakeholders’ Group and an external expert for ENISA and European Commission. He is a former CTI Analyst at Lloyds Banking Group and Network Information Security Expert at ENISA. He has more than 5 years of experience on Cyber Threat Intelligence field working and engaging with organizations from the banking and Oil & Gas sectors, European agencies, CERTs/CSIRTs, law-enforcement, intelligence professionals and researchers.

Andreas has been the co-author of a number of reports, namely: WEF's Global Risks 2013: "Digital Wildfires in a Hyperconnected World", ENISA's Threat Landscape 2012, ENISA's report on "Exploring the opportunities and limitations of current Threat Intelligence Platforms". He has also participated in the reviewing of ENISA CERT exercises as well as in various research and innovation proposals for European Commission. Finally, Andreas has been the Editor-in-chief of the "Threat Intel Weekend Reads" newsletter for 3 years.

Security requirements

15:30 - 16:00

Coffee Break

16:00 - 18:00
MINOS I

Topics:

  • Interfaces to processes
  • CTI models

Practical excercise

  • CTI Dissemination
program
program
09:00 - 11:00

PASIPHAE I

Introduction to IM

Theodoros Nikolakopoulos
Christian Van Heurck
Speakers short CVs

Theodoros Nikolakopoulos is a recognised and award-winning information security professional, with more than ten years’ experience. Currently serving as a member of the ENISA CSIRT Relations team, responsible for training, stakeholder management, maintaining operational readiness, and enabling seamless and secure communication between the CSIRTs Network members. Theodoros Nikolakopoulos has been previously engaged with Switzerlands' largest insurer; while initially tasked with Incident Management and Firewall Configuration Management, he was promoted to lead a virtual team of penetration testers, provide direct report to leadership, and drive technical consultancy as necessary. Prior to that, he worked for a dynamic CSIRT team, engaged with incident response and research on threat detection. Theodoros Nikolakopoulos has been awarded an undergraduate and a postgraduate degree from two leading European universities; with both theses being strongly focused on information security. During his career, he attended several accredited training programmes, gained a plethora of certifications, and has delivered impactful publications and presentations.

Christian Van Heurck is a member of the ENISA CSIRT Relations Team. He has a background in Physics, moved on to IT Project Management for the City of Antwerp, the Port of Antwerp. He gave many IT trainings and eventually joined the Belgian NREN’s CSIRT as a Security Analyst. After that he was the Head of CERT.be –the Belgian National CSIRT– for many years. Christian joined the ENISA CSIRT Relations Team where he is also in charge if the Technical Trainings.

11:00-11:30

Coffee Break

11:30 - 13:00
PASIPHAE I

Examples of Incidents from the Battlefield

Mr. Simone Balboni

13:00 - 14:00

Lunch

program
program
14:00 - 15:30
PASIPHAE I

Introduction to IM applied to a fictive scenario

Theodoros Nikolakopoulos
Christian Van Heurck

15:30 - 16:00

Coffee Break

16:00 - 18:00
PASIPHAE I

Topics: TBA

09:00 - 11:00

PASIPHAE II

Topics

  • Cyber decision
  • Operational planning

11:00-11:30

Coffee Break

11:30 - 13:00
PASIPHAE II

Topics:

  • Architecture assessment
13:00 - 14:00

Lunch

14:00 - 15:30
PASIPHAE II

Practical Excercise:

  • Scenario planning
  • Self-assessment
15:30 - 16:00

Coffee Break

16:00 - 18:00
PASIPHAE II

Practical excercise

  • Operational planning
  • Decision process
rekleitis
09:00 - 09:10

Introduction to Cryptography track at NIS summer school

Evangelos Rekleitis

program
09:10 - 11:00
MINOS II

Introduction to cryptography

Panagiotis Rizomiliotis
Speaker short CV

Dr. Panagiotis Rizomiliotis is an Assistant Professor at the Department of Informatics and Telematics of the Harokopio University of Athens. He holds a BSc in Informatics and Telecommunications, an MSc in radioelectrical engineering, and a PhD in Cryptography, all from the National and Kapodistrian University of Athens, Greece. In 2005, he joined COSIC research group at Katholieke Universiteit Leuven and worked as a postdoc researcher for two years. From 2012 until 2017, he was assistant professor at the Department of Information and Communication Systems Engineering of the Aegean University, member of the Info-Sec-Lab and external associate at the department of Digital Systems of the Piraeus University. Since 2012, he serves as a member of the plenary at the Hellenic Authority for Communication Security and Privacy. He has been involved in numerous Greek and EU funded R&D projects in the areas of Information and Communication Systems Security the last 18 years.
His main research interests include cryptography, IoT and cloud security.

  • History
  • Principles
  • Key terms
  • Attacker model

11:00 - 11:30

Coffee Break

program
11:30 - 13:00
MINOS II

Symmetric Encryption protocols - I

Panagiotis Rizomiliotis

  • Block ciphers
  • Pseudorandom generators
  • Confidentiality protocols:
    • Stream ciphers
    • Block cipher modes

13:00 - 14:00

Lunch

program
14:00 - 15:30
MINOS II

Symmetric Encryption protocols – II

Panagiotis Rizomiliotis

  • Hash functions
  • Message Authentication Codes
  • Authenticated encryption

15:30 - 16:00

Coffee Break

program
16:00 - 18:00
MINOS II

Public key encryption protocols

Panagiotis Rizomiliotis

  • Public key schemes (RSA ,el-gamal)
  • Digital signatures
  • Confidentiality protocols
  • Key agreement protocols – Diffie Hellman

program
09:00 - 10:00

MINOS I

Topics:

  • CTI Platforms and tools

Thinus Prinsloo
Speaker short CV

After obtaining his Honours Degree in Computer Engineering from the University of Pretoria in South Africa, Thinus joined the Maltego development team in 2012. Since then, he has developed transforms and generated content for Maltego. He has been involved with data mining projects, designing and writing of transforms, and the development of case studies and applications for Maltego. Thinus regularly presents training on the use of Maltego and facilitates organisations around the world to integrate their own internal data.

10:00 - 11:00

MINOS I

Samuel Hassine
Speaker short CV

Manon Viallet
Speaker short CV

Using OpenCTI to build an actionable knowledge base of cyber threat intelligence

11:00-11:30

Coffee Break

11:30 - 13:00
MINOS I

Topics:

  • Good practices in CTI

Practical Excercise:

  • Production of operational and tactical CTI
13:00 - 14:00

Lunch

14:00 - 15:30
MINOS I

Topics:

  • Intelligence sharing
15:30 - 16:00

Coffee Break

16:00 - 18:00
MINOS I

Topics:

  • Threat actors and advanced persistent threats (APTs)
  • The threat landscape
  • Maturity models
  • CTI evaluation
program
09:00 - 11:00

PASIPHAE I

Incident Response from another point of view

Thomas Roccia
Speaker short CV

Thomas Roccia is security researcher on the McAfee Advanced Threat Research team. He works on threat intelligence, tracking cybercrime campaigns and collaborating with law enforcement agencies. In previous his role, Roccia worked on the McAfee Foundstone team, performing worldwide incident response, malware hunting, and penetration testing. He has helped customers during major outbreaks and managed highly critical situations. Roccia has developed workshops, training courses, and presentations. His work in security research includes malware, reverse engineering, vulnerabilities, and car hacking. He speaks regularly at security conferences.
Twitter: @fr0gger_

  • Introduction
  • What exactly is a Security Incident?
  • Kill Chain
  • Incident Response Steps
  • Usecase: NotPetya

11:00-11:30

Coffee Break

program
11:30 - 13:00
PASIPHAE I

Incidents and Law Enforcement Agencies Collaboration

Thomas Roccia

  • Attacker Profiles
  • Diamond model of Intrusion
  • Mitre ATT&CK
  • Law Enforcement Collaboration
  • Usecase: Olympic Destroyer

13:00 - 14:00

Lunch

program
14:00 - 15:30
PASIPHAE I

ICS Incident Response: A few stories about Incident Response

Roland Sako (ICS CERT, Kaspersky)
Speaker short CV

Roland Sako is a Swiss security researcher working in Kaspersky's Industrial Control Systems Cyber Emergency Response Team (ICS CERT) responsible for conducting vulnerability research and delivering trainings. Today Roland is particularly interested in security for embedded devices security and developing teaching tools for cybersecurity. He enjoys conduction penetration testing of 'Internet of Things' devices ranging from industrial control systems to smaller consumer devices. He has previous experience as a security consultant, and in the education team at Kaspersky. Roland graduated from the University of Lausanne with a degree in Legal Issues, Crimes and IT Security, with a focus on mobile forensics.

Have you ever wondered how malware impacts ICS environments and how we respond to such crisis? During this talk, we will give you an insight of what it takes to work with ICS incidents response and forensics cases. After a brief introduction to our methodology, we will explain you how non ICS-specific malware can cause a notable impact to critical infrastructures. To illustrate our sayings, let us tell you how we dealt with an attack that touched a cement plant, how we manage to figure out exactly what happened solely using a single PCAP file. Also, we will go back to the well-known case of WannaCry and how we dealt with it. Based on several cases we did a research how such malware gets access to isolated ICS environment.

15:30 - 16:00

Coffee Break

program
16:00 - 18:00
PASIPHAE I

Real Incident response practice

Konstantin Sapronov (Head of Global Emergency Response Team - Kaspersky)
Speaker short CV

Konstantin Sapronov has had an extensive career in cyber security. Starting in 2000, he worked for Kaspersky Lab in Moscow, steadily taking on more tasks, from Non-Intel Threats Research Group Manager to Head of Virus Lab APAC in China. With over 20 years of IT technologies experience, mostly in security fields, and more than 15 years in the AntiVirus field, he now is the Head of Global Emergency Response Team. Konstantin is an distinguished expert in Computer Forensics and Incident Management. He analyzed malicious programs and computers threats and developed remedies for them. He has a solid understanding of computer viruses, exploits, and shell codes and has utmost knowledge of today's malware landscape and threat families.

During the presentation a few different cases from real Incident Response practice will be shared and it will be demnstrated that today cyber-attacks target all businesses’ types around the globe. Every case will be present in details. Initial point of attack, lateral movement technics used as well as tools for investigation will be discussed for every case.

09:00 - 11:00

PASIPHAE II

Topics:

  • Detection capabilities

11:00-11:30

Coffee Break

11:30 - 13:00
PASIPHAE II

Practical Excercise:

  • Operational planning
13:00 - 14:00

Lunch

program
14:00 - 15:30
PASIPHAE II

Dependencies for Effective Cyber Defence

Major Dimitrios Taketzis
Speaker short CV

Major Dimitrios Taketzis is a member of the defensive operations department with a focus on incident handling and digital forensics.
He is the standing representative on the Computer Security Incident Response Team (CSIRT) network and representing Greece in the regular meetings.
He is certified by GIAC in Security Essentials.
He graduated from George C. Marshall European Center for Security Studies (Program on Cyber Security Studies).
He participates in the regular Cyber Exercises “Cyber Coaltion” and “Locked Shields”, organized by the NATO Cooperative Cyber Defense Center of Excellence.

15:30 - 16:00

Coffee Break

16:00 - 18:00
PASIPHAE II

Topics:

  • Attack attribution
  • Overview of Exercise
program
09:00 - 11:00 MINOS II

Applied Cryptography

Panagiotis Rizomiliotis

  • Key size
  • Random generators
  • Secure hardware
  • Proxy signatures
  • End-2-End Encryption
  • Always Encrypted/encryption at rest

11:00 - 11:30

Coffee Break

program
program
11:30 - 13:00
MINOS II

Bad TLS Practices that Create a False Sense of Security

Jan Fajfer & Maria Rigaki

13:00 - 14:00

Lunch

program
14:00 - 15:30
MINOS II

Impact of Encryption in Security:Detection of HTTPS Malicious Traffic

František Střasák

15:30 - 16:00

Coffee Break

program
16:00 - 18:00
MINOS II

Advanced Cryptography,
Quantum Cryptography &Post-quantum cryptography

Panagiotis Rizomiliotis

09:00 - 11:00
MINOS II

Plenary of all trainings

11:00 - 11:30

Coffee Break

11:30 - 13:00
MINOS II

Closing Session

13:00 - 14:00

Lunch

16:00 - 19:30
Knossos

End of Event

Visit to archaelogical site of Knossos

Our Sponsors

Registration

There are four types of registration available:

  • Complete: Participant can attend all events
  • Conference only: Participant can attend the conference event only
  • Training Course only: Participant can attend one of the 4 available training courses, subject to availability:
    • CTI training (CTI): Updated to contain recent state-of-the-art developments in the area of Cyberthreat Intelligence.
    • Incident management (IM) : practical guidance in the management of high profile incidents, such as managing APT, Management of Large Impact incident (CII), etc.
    • Cyber defence (CD): In the foreground of capacity building in the area of cyber defence and the integration of Cyber Defence in the structure of the Commission, this topic is of great interest. Within this training, good practices regarding the tradecraft of cyber defence is going to be presented.
    • Encryption (ENC) : a training about the state-of-the-art of crypto.
  • Poster presentation: Includes invitation for 2 persons

Registration Fees

industry academia/public sector students
Complete Event 600 € 400 € 200 €
Conference only 300 € 200 € 100 €
Training session only 300 € 200 € 100 €
Poster Presentation 500 € 500 € 500 €

Through the registration link you will be able to register to the workshop and if you wish, you will also be able to make a hotel reservation to the proposed hotels with the special rates we have established for the conference participants.
Please do not forget to mention your training course preference during registration ( i.e. CTI, IM, CD or ENC).

Cancellation policy

A cancellation fee of €50 applies. No cancellation will be allowed after July 30th, 2019. If you cannot attend you may transfer the registration to another person. Any cancellations MUST BE RECEIVED by email nis2019@ccbsgreece.gr or fax +30 2810 330606

Registration is not complete until payment has been received. Payment is available through the online registration form , with bank transfer or credit card (VISA or MASTER).

Registration & Accommodation is available through:

CCBS GREECE LP
Cretan Conference and Business Services L.P.
6 Pediados Str, 71201, Heraklion GR
Tel: +30 2810 331010, Fax: +30 2810 330606
VAT: GR800532670
GNTO: 1039 E 60000 02246 01

Important message to Nis2019 participants:

We have received messages about fraudulent websites and companies, claiming to be official organizers and offering via email and telephone calls registration, hotel bookings and other arrangements for upcoming events in Greece in an attempt to extract confidential information such as credit card info.
The NIS 2019 Workshop organizers would like to strongly emphasize that, for registration purposes and accommodation offers, only the official website, as well as the links and contacts advised herein should be used.

Contact Information


European Union Agency for cybersecurity

1 Vasilissis Sofias Str Maroussi 151 24
Attiki, Greece
Tel: +30 28 14 40 9711


Foundation for Research and Technology - Hellas


N. Plastira 100, Vassilika Vouton
Heraklion, GR-700 13, Crete, Greece
Tel.: +30 2810 391945