Edge Devices: Your network blindspot
Edge devices are often a black box: limited transparency, minimal monitoring, and when compromised, they offer a direct stepping stone into your internal network. Precisely because signs of an attack are barely noticeable, breaches are often detected too late. And every time a new zero-day vulnerability emerges, swift and targeted investigation is essential—but in practice, […]
Growing Pains: Cyber Situation Awareness In Expanding Ecosystems
Situation awareness (SA) is a term often used in the context of cybersecurity collaborations, where knowledge about risks and threats get shared in order to increase collective resilience against cyber threats. The term has increased in popularity ever since the evaluation of the first European Directive on Network and Information Security (NIS1) stated that there […]
The art of analysis
For the ONE, the NCSC will publish the SATs toolbox (naming will change, this is a draft title). SAT stands for structured analytic techniques and are techniques that have been used for decades in the security domain to properly deal with uncertainties. In fact, SATs help to work more effectively and efficiently. SATs are crucial […]
Crypto agility
The crypto agility monster
From due diligence to resilience: how to secure your most critical suppliers
In the session, NCSC and DTC will provide practical guidance on the important components of supplier risk management. Both organizations have published multiple publications and webpages on supply chain risk management the past year. Some questions that will be addressed are: What are the best practices of supplier risk management? How mature organizations can help […]
Nationaal Detectie Netwerk Doorontwikkeling
Binnen het NIS2-programma werken we hard aan de modernisering van het Nationaal Detectie Netwerk (NDN). Waar het netwerk nu vooral steunt op netwerksensoren binnen de rijksoverheid, breiden we het uit met ondersteuning voor nieuwe technologieën, zoals detectie binnen cloudomgevingen. Bovendien maken we het NDN schaalbaar, zodat alle NIS2-doelgroeporganisaties dreigingsinformatie kunnen uitwisselen. Dit jaar zetten we […]
CERTain Expectations: An Empirical Study into the Challenges of Sector CSIRTs
Sectoral Computer Security Incident Response Teams (sector CSIRTs) play an increasingly vital role in managing cybersecurity incidents within specific sectors, such as local government or critical infrastructures. Despite their growing importance, there is a lack of industry guidance and academic research on the unique challenges faced by sector CSIRTs. This study aims to fill this […]
Air Force ONE? No… Human Force ONE: the importance of a trusted network
NIS2 requires a change in how NCSC and the parties can find each other. Digital First and relationship management reinforce each other so that the parties continue to feel heard and (continue to) share information. PPS, ISACs, bilateral discussions, industry associations, switching organizations, KCC, conferences, etc.. We demonstrate the NCSC’s role in building confidential relationships […]
So Long, and Thanks for All the Phish: A Rare Look Behind the Scenes of a Global Phishing-as-a-Service Operation
This session unveils the inner workings of Darcula, the largest phishing-as-a-service (PhaaS) operations active globally. Through meticulous investigation, we trace Darcula’s infrastructure, from its impersonation of 236 brands to the 30.000+ active phishing domains and 884000+ stolen cards uncovered. This behind-the-scenes journey combines forensic analysis and opensource intelligence (OSINT). The audience will gain rare insights […]
Operation Heart Blocker – Disrupting the market of a cybercrime syndicate
In Operation Heart Blocker, we dealt a major blow to one of the largest “Cybercrime As A Service” networks. The organization behind this network had dozens of webshops where cybercrime tools were offered and operated as a professional company. This presentation explains how we ultimately mapped out a complete worldwide network of malicious webshops and […]
