Jochen Michels, Head of Public Affairs, Europe
Kaspersky experts to provide dedicated training sessions on incident response in ICS environments and in other cases
Trust and security are at the core of the European Union Digital Single Market Strategy (presented in 2015) together with efforts aimed at enhancing cybersecurity, as stated in the 19th Progress Report towards an effective and genuine Security Union. The adoption of the Directive on security of network and information systems (NIS Directive) in July 2019 marked another important milestone toward a more secure digital environment in Europe.
This cybersecurity legislation aims to achieve common state-of-the art standards of network and information security across all EU Member States through increased EU-level cooperation and risk management and incident reporting obligations, bringing together all 28 national competent authorities’ CSIRTs, the Commission, and the European Union Agency for Network and Information Security (ENISA).
As one of the early results, this harmonization work has led to a number of impressive collaborative public-private initiatives for improving cybersecurity capabilities at national level and increasing awareness, training and education related to NIS. A good example is the Network and Information Security (NIS) Summer School, which is jointly organized by ENISA and FORTH – the Foundation for Research and Technology - Hellas.
As a global company, Kaspersky is dedicated to promoting a culture of trust and security in Europe and worldwide. That is why the company is keen on dialogue and exchanges of views in the fields of politics, science and business. Besides, one of Kaspersky’s chief aims is to improve the ability of all sectors and actors to deal with cyberattacks. These are just some of the reasons it will be contributing to this year’s NIS Summer School, which is taking place in Crete, Greece, on September 16–20, 2019, with the overarching theme ‘Security Challenges of Emerging Technologies’.
Distinguished experts from around the world will meet in Crete to identify current trends, threats and opportunities against a backdrop of the recent advances in NIS measures and policies. Policy makers from EU Member States and EU Institutions, decision makers from industry, and members of the academic community will be in attendance at this high-level event. Kaspersky will deliver two training sessions on incident management in the afternoon of September 19.
Roland Sako of Kaspersky’s ICS CERT will explain how malware can affect ICS environments and how to respond in a crisis. In his talk he will share his experiences of working with ICS incident-response and forensics cases. After a brief introduction to the methodology, he will explain how non ICS-specific malware can bring about a notable impact to critical infrastructure. To illustrate this he will give an example of how the ICS CERT dealt with an attack on a cement plant: how they managed to figure out what happened solely using a single PCAP file. He will also dive deep into the well-known WannaCry case.
Konstantin Sapronov, Head of the Global Emergency Response Team at Kaspersky, will go over a few real Incident Response cases. He will demonstrate that today cyberattacks target all business types around the globe. Each case will be presented in detail, covering for example initial points of attack, lateral movement techniques used, as well as tools used for investigation. Attendees will also learn about the latest incident trends based on day-to-day experiences.