Date: 01-10-2024
10:45-11:35
Title: From advisories to real-time vulnerability feeds: how to apply CSAF and SBoM in your vulnerability management
Speakers: Michiel Oosterwijk & Jacco Ligthart (NCSC-NL), Gerrit Berkouwer, Michiel Aptroot & Rutger Gerritsen (Ministry of General Affairs)
Description: NCSC-NL has updated their information services about hardware and software vulnerabilities. We present why and how we have done this. The Ministry of General Affairs shows how they make use of this new service for their vulnerability management process.
Entry: Open to all ONE Conference participants
13:35-14:25
Title: The Cybercrisis Experience
Speakers: Jeroen Jansen (NCSC-NL), Bart van Wijnen (NCSC-NL), Stefan Nelwan (NCSC-NL), Sara van Breugel (NCSC-NL), Bas van Grieken (NCSC-NL)
Description: What happens in a cyber crisis with large-scale disruption or even outages at the national level? If this is a mystery to you, here is your chance to experience it. Step into the world of the National Cyber Security Centre (NCSC-NL) and join a crisis team as a long-dormant cyber attack unravels.
First, we will briefly and practically take you through how the Cyber System and national crisis management is organised. After this, we go through a scenario where information realistically arrives at different crisis teams. Finally, we discuss the dilemmas and necessary decisions with room for any questions at the end.
contact: crisispreparatie@ncsc.nl (referencing: The Cybercrisis Experience)
Entry: Open to all ONE Conference participants (max 36 persons)
14:35-15:25 – NO PUBLICITY
Title: TTPs – Telemetry, Threats, and Persistence
Speakers: Bart van den Berg (NCSC-NL), AIVD and MIVD
Description: The Intelligence and Security Services of the Netherlands (AIVD & MIVD) will outline the importance of telemetry for organisations when detecting and defending against (sophisticated) nation-state actors. In order to underline this message, they will provide an overview of cyber incidents attributed to nation-state actors in the Netherlands and take a closer look at some of the incidents.
Entry: Pre-register at Central America – subject to availability
Date: 02-10-2024
10:45 – 11:35
Title: Contact with NCSC-NL, how does it work?
Speakers: Sabine Emden & Bas de Jonge (NCSC-NL)
Description: Since 2018, the NCSC-NL has had a Fusion Centre, which is the central information hub. With this presentation we give you a look behind the scenes. Important points that will be discussed: we will take you through the different tasks in the Fusion Centre, the different functions in the Fusion Centre and the ways in which we receive information through our international contacts and various media channels. We will also go through a Responsible Disclosure report. Have you always wanted to know where your report to the NCSC-NL ends up? And how is it actually handled? We’ll tell you!
Entry: Open to all ONE Conference participants
11:45-12:35
Title: Lessons learned from Program Cyclotron: Building a public-private cybersecurity coalition.
Speaker: Sjoerd Verheijden (NCTV)
Description: How do you work in a coalition with ca. 80 partners – in all kinds of alternating, demanding coalitions – whilst facilitating data sharing on cyber threats and incidents, and the exchange of intelligence and expertise to enhance the cyber resilience of the Netherlands? Program Cyclotron, as part of the NCTV and NCSC, has gained experience in building such a coalition consisting of companies for vital and non-vital infrastructure, cyber security companies, a variety of public organisations, and other partners.
In this session, we will explain more about the main objectives of Program Cyclotron and we will share valuable lessons learned on a number of topics like ‘What makes this private-public cooperation unique (or not)’, ‘When is a coalition successful?’ and more. Together we will reflect on these lessons learned, as we are also curious for your input on this topic. Expect an informative and interactive session, with plenty of new insights and interesting conversations.
Entry: Open to all ONE Conference participants
13:35-14:25 – NO PUBLICITY
Title: TTPs – Telemetry, Threats, and Persistence
Speakers: Bart van den Berg (NCSC-NL), AIVD and MIVD
Description: The Intelligence and Security Services of the Netherlands (AIVD & MIVD) will outline the importance of telemetry for organisations when detecting and defending against (sophisticated) nation-state actors. In order to underline this message, they will provide an overview of cyber incidents attributed to nation-state actors in the Netherlands and take a closer look at some of the incidents.
Entry: Pre-register at Central America – subject to availability (max 36 persons)
14:35-15:25
Title: MASKeR workshop BYOB: bring your own breach
Speakers: Robin Staa (NCSC-NL), Max Dijkstra (NCSC-NL), Juriaan Spierenburg (NCSC-NL), Simon Veen (NCSC-NL), Jaap Noordhoek (NCSC-NL)
Description: Why tackle risk management in isolation when you can collaborate with peers and both share and mitigate risks together?
At the NCSC-NL, we promote and facilitate the collaborative development of risk management strategies across industries and sectors, both public and private. Through our approach which is centered on building risk scenarios, organizations collaboratively analyze risks and share their views on how to manage them effectively.
In this workshop we will:
Introduce NCSC-NL’s organization-transcending risk management methodology and our approach to public-private cooperation; Demonstrate how we design risk scenarios by empowering participants’ knowledge through structured analytic techniques; Provide participants with tools, processes, and knowledge to identify the most significant threats to their assets; Guide participants in translating these risks into actionable scenarios and take mitigative action. Join us at the workshop and gain skills and insights to strengthen your organization’s risk management approach!
Entry: Open to all ONE Conference participants
