Workshop

From Information sharing to Analysis Center

Start Date  -  End Date
This workshop is an online panel discussion on the ambition to grow from ‘Information sharing’ towards being an ‘Analysis Center’ for your sector. During the workshop we will facilitate an expert discussion on the topic. With experts from ISACs we will share the views and ideas on being a ‘analysis center’ as ISACs. The panel is populated by: • Wim Hafkamp (Quarter Master for the European Health ISAC and former chair and founding father of the European FI-ISAC) • John Morgan Salomon (Former member of the FS-ISAC and member of the Global Cyan, Cybersecurity advisors network) • Brice Copy (Chair of EuroSCIE (EU ISAC for Industrial Control Systems), Project Engineer Industrial Control Systems/ SCADA at CERN) • Richard Kerkdijk (European Telco ISAC and Vice-Chair of the Information Security WG , Senior security consultant - Cyber Security and Robustness TNO) Teams link: https://teams.microsoft.com/l/meetup-join/19%3ameeting_MmIyNjZmMDctNDU2MS00MzhlLThmNTYtMjM5NGM0NDJmMzBi%40thread.v2/0?context=%7b%22Tid%22%3a%2276a2ae5a-9f00-4f6b-95ed-5d33d77c4d61%22%2c%22Oid%22%3a%22ae67126e-d002-4dfd-ae67-a1b969d5ad22%22%7d

Cooperation between CSIRTs and ISACs

Start Date  -  End Date
During the workshop we facilitated an expert discussion on the topic. With experts from ISACs and CSIRTs shared experiences and insights on the cooperation between ISACs and CSIRTs. The panel was populated by: • Alexandre Dulaunoy (PISAX, CIRCL) • James Caffrey (National Cyber Security Centre, Department of the Environment, Climate and Communications, Ireland) • Olivier Caleff (Open CSIRT Foundation, FIRST, CISO – ERIUM) • Olivier de Visscher (European Railway ISAC facilitator)

Information sharing - Rules of the game

Start Date  -  End Date
This workshop was about lessons learned on the rules of the game for information sharing. During the workshop the legal experts network from ‘Spark Legal Network’ shared their experiences and insights on information sharing via the EU ISAC platform. This answered questions like: • Which legal issues might arise from ISACs sharing information via the platform? • What types of data are likely to be shared and what are the legal consequences flowing from the typology? o If you share personal data, what to bear in mind? o What if there is a mix of personal and non-personal data is in a dataset? o What to keep in mind if you are sharing data to which you don’t have copyright? o Do not forget about the trade secrets directive, or any other legislation. • Why you should be careful giving advice. Beware of potential for liability!

Lessons learnt from real life incident information sharing

Start Date  -  End Date
The 9th Thematic Workshop session took place on July 7th 2022, organised by the Empowering EU ISAC consortium and the European Commission (DG CONNECT). This workshop was about lessons learned on real life incident information sharing. During the workshop our expert network from the European ISACs shared their experiences on information sharing about incidents that happened recently. They answered questions like: 1. What was the first trigger the incident and what was the impact for their organisation? 2. What did they do to mitigate the incident? 3. How did they inform peer organisations including their ISAC colleagues? 4. What are the lessons learnt?

Online Thematic Workshop 5: The revision of the NIS Directive (NIS2) and its effect on cross-border information sharing

Start Date  -  End Date
This workshop is about the Revised Directive on Network and Information Security (NIS2) and its effects on cross-border information sharing. The Consortium will give the stage to Boryana Hristova-Ilieva. Boryana is a legal officer in the Unit H.2, which deals with cybersecurity and digital privacy policy of DG CNECT of the European Commission. For the past two years, she has been part of the team working on the implementation and revision of the NIS Directive. The main focus of her talk is to explore the effects of the updated Directive to cross-border information sharing in Europe.