ENISA establishes the Ad-Hoc Working Group on Cyber Threat Landscapes

Jochen Michels, Head of Public Affairs, Europe

With Decision No. 37/2021, ENISA's Executive Director, Juhan Lepassaar, established the Ad-Hoc Working Group (AHWG) on Cyber Threat Landscapes, with lists of selected candidates for membership. Kaspersky is very proud that Daniel Creus, Lead Researcher within its GReAT (Global Research & Analysis Team), based in Spain, was selected as one of the 18 appointed members. In addition to that, eight observers from EU and member state authorities were designated. Participation in such important working groups is in line with Kaspersky's dedicated multi-stakeholder approach, which emphasizes trust-based collaboration, cooperation and transparency, and is reflected in its participation in numerous other forms of collaboration in Europe and around the world.

Commenting on his new appointment, Daniel Creus said: “I am highly motivated to contribute to this AHWG as my entire career has been devoted to the group’s scope: designing, updating and reviewing methodologies for creating cyberthreat landscapes. Additionally, my current work involves the developing of a cyberthreat taxonomy and applicable standards, tools and methods in order to generate an accurate view of the current and future threat landscapes”.

Scope of the Working Group

This working group is key because the cyberthreat landscape is rapidly evolving. Against this background, policymakers, businesses, the cybersecurity ecosystem and civil society have a need for up-to-date, high-quality information on the current threat landscape, supported by threat intelligence. To ”provide targeted as well as general reports, recommendations, analysis and other actions in relation to future cybersecurity scenarios and threat landscapes“ is defined as an output in ENISA’s Work Programme for the year 2021 (Activity 8, Output 8.2.). According to its Terms of Reference, one goal of the AHWG is to develop both (i) a new, clear and publicly available methodology for threat landscapes, and (ii) an annual ENISA Threat Landscape. The interaction with a broad range of stakeholders will broaden the perspective and give ENISA manifold impulses on a number of relevant aspects. The scope of this ad hoc working group is to advise ENISA in designing, updating and reviewing the methodology for creating cyberthreat landscapes, including the annual ENISA Threat Landscape.

Broad expertise

Daniel is a member of the GReAT team at Kaspersky focusing on threat hunting and cyberthreat intelligence (CTI). His function is to maintain and improve Kaspersky´s threat intelligence products and services to ensure that higher CTI standards are met. His work involves research into new malware and keeping track of different threat actors and intrusion sets, documenting the whole process following a strict analytical methodology. He is specialized in producing tactical and strategical cyberthreat intelligence, including advice on the current threat landscape, adversary TTP evolution, and reporting on threat trends.

GReAT – the Global Research and Analysis Team

Established in 2008, the Global Research & Analysis Team operates at the very heart of Kaspersky, uncovering APTs, cyber-espionage campaigns, major malware, ransomware, and underground cyber-criminal trends across the world. Today GReAT consists of 40+ experts working globally – in Europe, Russia, the Americas, Asia, and the Middle East. These talented security professionals provide company leadership in anti-malware research and innovation, bringing unrivalled expertise, passion and curiosity to the discovery and analysis of cyberthreats.

Kaspersky’s broader multistakeholder activities in Europe and globally

Kaspersky pursues a dedicated multistakeholder approach. In Europe, the company works together numerous national and international organizations and PPPs. These include, beneath ENISA, Europol with the EC3, where the company is a member of the Advisory Board on Internet Security, and the global NoMoreRansom initiative, which Kaspersky launched together with Europol, the Dutch Police, and McAfee. Kaspersky is currently a consortium partner in four Horizon 2020 projects funded by the European Union. The company is also a partner of the Council of Europe to promote an open and safe internet alongside other tech companies, and is engaged in the Geneva Dialogue on Responsible Behavior in Cyberspace. The cybersecurity company is also a member of FIRST, the global Forum of Incident Response and Security Teams. Kaspersky has contributed to the OECD 2021 reports on Digital Security and Vulnerability Treatment, is an early signatory of the Paris Call for Trust and Security in Cyberspace, and contributes to discussions at the UN level, e.g., with regard to the UN Open-Ended Working Group (OEWG) on developments in the field of information and communication technology (ICT) in the context of international security.