The Human Factor task team for cybersecurity within the GÉANT project kick-started 2023 with their all hands meeting in Utrecht at SURF offices on 10-11 January. The first international meeting of the year in GÉANT’s busy calendar of events welcomed 16 participants from 11 European NRENs and GÉANT.
The human factor in cybersecurity is about education, understanding and awareness, it shifts the focus from a purely technical angle to one that addresses the wider complexity of the threats adopted by cybercrime today. In the context of GN5-1, GÉANT Project’s latest 2-year iteration, the human factor team will focus on the development of cybersecurity awareness initiatives, training courses, crisis management events and a dedicated cybersecurity mentorship programme.
Alf Moens, Security Lead for GÉANT and joint security work package leader with Henry Hughes from Jisc, introduced GN5-1 highlighting the cybersecurity team’s three main focus areas until the end of 2024: threat intelligence, compliance and essentials.
‘Cyber threat intelligence glues all the activities of the security work package. We will also need to have a long term focus on compliance with the NIS-2 European directive whilst developing essentials such as training, awareness, tooling, best practices and processes”.
Alf continued: ‘The cybersecurity landscape is changing as organisations are increasingly recognising the need for security awareness and training, the requirement to comply with directives and to prepare for crisis. We need to be able to put our efforts into understanding the current demand and translate it into products, services and training. We also need to make sure that we ask the right questions in order to help to shape that demand”.
Charlie van Genuchten, Human Factor task leader added: ‘The purpose of our task is to continue developing our security training programmes, sharing security awareness materials with the community and supporting NRENs’ preparedness for crisis by enhancing their skills and expertise. We will also explore the possibility of a mentoring programme in order to bridge the cybersecurity skills shortage in the NREN arena.”
At the end of two busy days of planning and discussions, the team agreed that the identification of target audiences needs to be the main priority across all subtasks, that security awareness is needed all year round and that after an analysis of the NRENs’ local skills the team will aim to provide the support needed to improve them.
Charlie closed: ‘We can’t wait to start implementing our plans and to continue supporting the NREN community with training courses, crisis exercises, awareness initiatives, events and more!’.
For further information about the Human Factor team and plans in GN5-1, please contact Charlie van Genuchten at SURF.