Cyberwatching.eu organized its first Annual Workshop at Cybersec Forum 2018 in Krakow, Poland.
The Annual Workshop was organized in three sessions:
Cyber-threats continue to increase in numbers and complexity, threatening business, citizens, governments and critical infrastructure globally.
EU policies and legislation, such as the GDPR and Cybersecurity Act, are being advanced to address threats to governments, businesses and vulnerabilities affecting consumer data and individual privacy. Europe’s first step at harmonisation of the cybersecurity legislation across the European Union is the Cyber Act (Cybersecurity Package).
But how does this compare internationally?
In the US, the focal point is the NIST Framework, while in Japan it is NISC. With such a nascent landscape, harmonisation and a common framework are required not only at national levels but also at European and international levels.
The session was the place for international dialogue on this very topic. Shooting from the hip, the session saw experts from Europe, the US and Japan addressing the key issues towards international harmonisation and answering the following questions:
✅ How can we better understand and implement public policies to fight cybersecurity threats while preserving innovation, security research, civil liberties, and individual privacy?
✅ Will the GDPR be taken as an opportunity for businesses to provide trusted and secure services to customers?
✅ Will it drive the global digital market or become a barrier? How much of a significant issue will this be for SMEs?
✅ What mechanisms can we use to reduce risk and attain our global quest for cyber trust?
AGENDA - S3 Auditorium
| TIMING | SESSION |
|---|---|
| 11:40 – 11:45 | Introduction to session and panellists. Chair: Mark Miller, Conceptivity & Cyberwatching.eu |
| 11:45 – 12:10 | Opening statements by each Panelist from their perspective on the topic of the session, identifying their top 3 priority areas for international alignment |
| 12:10 – 12:20 | Q&A |
| 12:20 – 12:35 | GDPR and recent EU directives and law |
| 12:35 – 12:50 | |
| 12:50 – 13:05 | Discover the reason why to plan and use Risk Management and Cyber Insurance in organizations to enable a better IT Security Strategy “How will cyber risk management affect tomorrow's business?” |
| 13:05 – 13:10 | Q&A |
| 13:10 | Workshop Close |
SPEAKERS
Mark Miller
Mark Miller is the Founder and CEO of CONCEPTIVITY and is part of the cyberwatching.eu consortium. He has over 29 years of experience in defense, security, information technology and international supply chain security issues. He brings a breadth of expertise, which addresses key areas for cyberwatching.eu. He is the Vice Chairman of the European Organisation for Security (EOS) as well as a Member of the Board of Directors of the European Cyber Security Organisation (ECSO) and the Cybersecurity Public Private Partnership (cPPP). He is a graduate of the Massachusetts Institute of Technology (MIT), holding a degree from the MIT Electrical Engineering and Computer Science Department as well as an MBA from the International Institute for Management Development (IMD). Mr. Miller is the Chairman of ECSO Working Group 1.4 (Cybersecurity Standards / Certification / Supply Chain) and Chairman of ECSO Working Group 2.3 (Cybersecurity International Cooperation), and also chairs ECSO Working Group 3.4 (Financial Sector Vertical).
Luigi Rebuffi
Luigi Rebuffi is the CEO and founder of EOS (European Organisation for Security) and the Secretary General and founder of ECSO (European Cyber Security Organisation).
After graduating in Nuclear Engineering at the Politecnico di Milano (Italy), he worked in Germany on the development of high power microwave systems for the next thermonuclear fusion reactor (ITER). He continued his career at Thomson CSF / Thales in France, where he took on increasing responsibilities for European Affairs (R&D) in different sectors (telecom, industrial, medical, scientific), becoming in 2003 Director for European Affairs for the civilian activities of the Group. He suggested the creation of EOS and coordinated its establishment in 2007. In 2016 he contributed to the creation of ECSO and signed with the European Commission the cPPP on cybersecurity. Until 2016 and for 6 years, he was an advisor to the European Commission for the EU Security Research Programme and President of the Steering Board of the French ANR for security research.
Fabio Martinelli
Fabio Martinelli is a research director of the Italian National Research Council (CNR) where he is referent for cyber security activities. His main research interests involve security and privacy in distributed and mobile systems and foundations of security and trust. He usually manages R&D projects on information and communication security and, in particular, he is currently the Project Coordinator of the EU Network on Cyber Security (NeCS) and of the Collaborative information sharing and analytics for cyber protection (C3ISP) project. He also serves as expert in the H2020 Protection and Security Advisory Group (PASAG) and acts as First director in the Board of the European Cyber Security Organization (ECSO). He is also member of the Italian Committee for Cyber Security Research (as CNR security expert).
Adam Kozakiewicz
Adam Kozakiewicz has worked for NASK-PIB (Research and Academic Computer Network - National Research Institute) since 2006. Assistant Professor and head of the Network and Information Security Methods Team in the NASK Research Division. Interests include intrusion detection, honeynets, critical systems protection and virtualisation security.
NASK's representative in the Information Technology – Security Techniques Technical Committee of the Polish Committee for Standardization. Has taken part in several national and EU-funded research projects (EU: WOMBAT, FISHA, NECOMA, SISSDEN, EUNITY), currently the coordinator of the SISSDEN project. The author of over forty publications, he has spoken at many conferences. Adam Kozakiewicz holds a PhD degree in Telecommunications and MSc degree in Computer Science, both from the Warsaw University of Technology, where he also works part-time as Assistant Professor in the Institute of Control and Computation Engineering.
Laura Senatore
I am a legal consultant in the fields of Data Protection Law as well as Information, Communication and Technology Law.
I received my master’s degree, magna cum laude, in Law from the University of Salerno in 2015, with a thesis about the evolution of privacy in Digital Age, with special reference to the role of personal data in social networks.
After a traineeship at the Italian Data Protection Authority, I am currently associate of ICT Legal Consulting, a law firm specialised in the fields of Information and Communication Technology Law and Privacy, and research fellow at the Italian Institute for Privacy.
Martin Schaffer
Martin Schaffer is Global Head of Secure Products & Systems, Digital Trust Services of the SGS Group, with deep expertise in cryptography and applied security for embedded devices as well as in security evaluation & certification. He is a regular speaker at international conferences and actively participates in industry associations such as ECSO and Eurosmart, where he chairs dedicated working groups on certification. Since November 2017, he has been an “ad personam” member of ENISA’s Permanent Stakeholders Group. Martin holds a PhD degree in computer science from Klagenfurt University, focusing on security, privacy and cryptography.
Francesco Manca
Francesco Manca is Cyber Security Senior Specialist at AON Global Risk Consulting Italy. He gained his Master’s Degree in Management Engineering with highest honors at the Università di Napoli Federico II. He began his career in Management Consulting in the Governance, Risk, Compliance field in Information Security. He has experience in projects in national and international companies (Banking, IT providers, Energy & Resource, Financial Services, Technology, Utilities) with the following main skills: supporting clients in assessing and reaching conformity with standards and laws in IT and privacy (e.g. GDPR, ISO27001, ISO 22301, eIDAS, AGID, ITIL, COBIT, etc.); defining processes, policies and procedures in the IT and IT security field; assessing the Cyber Risk Exposure Level; IT internal and third-party audit; defining Business Continuity and Disaster Recovery Plans and related operating procedures following best practices (e.g. ISO22301; ISO31000...); Cyber Risk Assessment; Business Impact Analysis; and supporting clients in achieving compliance with the GDPR. With Aon’s team he defined a Cyber Risk impact quantification model, and in his career he has supported the certification of 3 companies to the ISO27001:2013 standard and 2 companies to become a QTSP (qualified trusted service provider). He has significant experience in providing IT security services for the largest IT provider for the Italian social and healthcare field. He is an ISO 22301 Lead Auditor.
Aniello Bennato
Aniello is a Cyber Risk Project manager within Aon’s department of AGRC Aon Global Risk Consulting - Governance, Risk Resilience (IT, CS & Privacy Risk Management) services.
He is involved in governance, risk and resilience projects that aim to improve the conformity of financial clients with European / Italian laws, evaluating non-conformity risks and reviewing clients’ policies and procedures to ensure their compliance, as part of a team involved in IT, CS & Privacy Risk Management / risk management / data governance and GDPR compliance and implementation projects.
Cyberwatching.eu has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 740129. The content of this website does not represent the opinion of the European Commission, and the European Commission is not responsible for any use that might be made of such content.