Call for Papers: FIRST CTI 2024

Call for Papers: FIRST CTI 2024

The FIRST CTI conference provides a gathering place for experts in the field to share knowledge, contribute ideas, and learn the latest in proactive approaches in relation to threat intelligence. The format is formal and includes management, technical, and hands-on components. Plenary content focuses on discussions that are more sensitive and related to the day-to-day work of participants. Workshops are interactive and taught by leading security experts in small workgroup settings. While the event has evolved since its humble origins in 2016, the main goal of the gathering has stayed true: to unite diverse stakeholders and provide an open forum for the development of new ideas.

FIRST is seeking speakers that would like to present on topics related to Cyber Threat Intelligence including:

Continue reading “Call for Papers: FIRST CTI 2024”

Presenting at FIRST CTI 2023

Presenting at FIRST CTI 2023

Woohoo Berlin here we come! On 6 November 2023, the FIRST CTI Conference 2023 starts in Berlin. Monday is a day full of workshops, while on Tuesday and Wednesday the plenary sessions will take place!

Check the conference’s agenda: https://www.first.org/conference/berlin2023/program

FIRST CTI conference is my favourite CTI conference in Europe and last year it was a HUGE success! I am also pleased to present on how CTI teams can effectively operationalize their CTI process.

Continue reading “Presenting at FIRST CTI 2023”

ENISA Threat Landscape 2023

ENISA Threat Landscape 2023

Yeap, it is this time of the year 😍 ! ENISA Threat Landscape 2023 has just been published! The report contains lots of great content and the recommendation here is to focus on the parts that are most relevant/interesting for you. Kudos to all the authors of the report and all who contributed to this deliverable.

Continue reading “ENISA Threat Landscape 2023”

SANS DFIR Prague 2023

SANS DFIR Prague 2023

On 1 October 2023, I attended SANS Institute DFIR Europe Summit in Prague. It was my first time participated in this conference and I really enjoyed the content shared. I loved the presentation from Simone Kraus (Orange) on “Threat Informed Defense & Detection Engineering with MITRE ATT&CK” and the one from Chris Doman (Cado Security) presenting on “A New Perspective on Resource-Level Cloud Forensics”.

From 2 to 7 October 2023, I did my first co-teach for SANS Cyber Threat Intelligence FOR578 course. I would like to thank all the students for their active participation and the perspectives they brought to the class. Moreover, I would love to thank SANS EMEA people for all their support.

Continue reading “SANS DFIR Prague 2023”

2nd ENISA Cybersecurity Market Analysis Conference

2nd ENISA Cybersecurity Market Analysis Conference

On 28th September, 2023, I joined the Cybersecurity Market Analysis Conference organized by the European Union Agency for Cybersecurity (ENISA) in Heraklion, Crete, Greece. The objective of the conference was to promote a policy debate in the area of cybersecurity market analysis.

I had the pleasure to moderate a panel on the “Threat Landscape and Industry Response”. The panel comprised of four panelists that provided their insights on how the threat landscape and emerging technologies impact product security and development. Mikko Karikytö (Ericsson) , Siddhartha Rao (SAP ), Natalie Kilber (HARMAN International ), and Mark Woods (Splunk ).

Continue reading “2nd ENISA Cybersecurity Market Analysis Conference”

When Cyber Meets Physical

When Cyber Meets Physical

On 13 September 2023, ENISA CTI-EU 2023 took place in Athens. I had the pleasure to attend and present during the conference and it was an opportunity to meet again with many of EU-based CTI peers.

My presentation was all about how CTI teams work with Physical Intelligence teams within organisations, common intelligence requirements, and knowledge transfer opportunities. My (biased) perspective on this cyber – physical collaboration journey was provided as well as a couple of 2 recent examples to showcase the value. Finally, the presentation concluded with a call to action: CTI teams should start the discussion with the physical intelligence teams (if this is not already happening), identify common areas for collaboration and intelligence requirements to work together, be prepared when major geopolitical events happen (spend time now to save time later in the future).

Continue reading “When Cyber Meets Physical”

Setting Your CTI Process In Motion

Setting Your CTI Process In Motion

On 7 December 2022, ENISA CTI-EU 2022 took place in Brussels. I had the pleasure to present about putting how CTI teams can put their CTI process in motion. The problem statement was how CTI teams track the work they do and manage the CTI knowledge they produce. I elaborated on the value of workflow and case management for CTI teams and some basic ingredients for success.

Continue reading “Setting Your CTI Process In Motion”

ENISA Threat Landscape 2022 – Threat Actor Trends

ENISA Threat Landscape 2022 – Threat Actor Trends

On 3 November 2022, ENISA published its Threat Landscape 2022 report, which is the annual report of the EU Agency for Cybersecurity on the state of the cybersecurity threat landscape. This is the 10th edition of the ETL report and covers a reporting period from July 2021 to July 2022. ETL report is an annual must-read for most cyber security professionals (at least) within the EU. The report might look long at first glance (~150 pages), but it is split into separate sections:

Continue reading “ENISA Threat Landscape 2022 – Threat Actor Trends”