October is cybersecurity month, the European initiative coordinated by ENISA and by the European Commission to raise cyber security awareness in Europe, and GÉANT will take part with its Cybersecurity Month 2023 campaign, Become a Cyber Hero. We are happy to announce that also this year our campaign will feature a programme of four webinars that will be held by security experts from industry and the wider GÉANT community. We will also continue with our collaboration with RedCLARA – the Latin American space for collaboration and development in education, science and innovation – which will provide access of live interpretation services in English, Spanish and Portuguese.
But, going back to our webinars, we will hear about successful internal awareness programmes, follow a stimulating debate on the pros and cons of phishing simulation campaigns, listen to an overview of the current cybersecurity threats affecting universities in Europe and be introduced to the intriguing subject of neurodiversity in cybersecurity, which will also be of particular interest to recruiters and HR professionals.
Explore the webinar programme and register today!
5 October 2023 – 15:00 CEST
Cybersecurity for universities, current threats in the security landscape… and how to face them!
Universities are brimming with intellectual prowess. Among their ranks, they have world-class security researchers, renowned information security experts, and budding professionals ready to disrupt the cybersecurity landscape. Yet, many institutions are looking outside for solutions and spending substantial amounts on third-party services, often overlooking the potential of their own in-house expertise. Cost-Effective solutions: working with internal resources can significantly reduce expenses. Instead of outsourcing, universities can fund internal research projects or initiatives, which in turn can provide practical solutions at a fraction of the cost. Skill Development: engaging internal talent in practical projects ensures they’re continually honing their skills. This creates an ecosystem of learning and application, benefiting both the students and faculty. Real-world Application: universities are microcosms of larger societies. Addressing their own security concerns can serve as a case study or blueprint for broader applications, making their research more relevant and applied. Strengthened Reputation: by showcasing successful projects handled by their own researchers, universities can bolster their reputation in the cybersecurity domain, attracting further talent and partnerships. This presentation will show the threats we are faced with and also how to transform your cybersecurity strategy.
Speaker: Kieren Lovell, Head of IT Security at BetVictor
Kieren is a cybersecurity professional, who originally served for the Royal Navy on nuclear submarines and minehunters. He then left to work with the Royal Norwegian Navy, and served on operations for Standing NATO Maritime Group One. After that, he became the Head of Computer Emergency Response for the University of Cambridge, the biggest digital private network in Europe. He was a supervisor and Lecturer for the International Programme at Pembroke College, University of Cambridge and Tallinn University of Technology, a mentor at Startup Wise Guys for Cyber and SaaS, the Chief Operating Officer at SensusQ (an AI Command, Control and Communications Platform) and the Head of Information Security for Pipedrive. Kieren now lives in Gibraltar, and is the Head of IT Security at BetVictor.
Mainly aimed at: People working in the security department of Research and Education organisations, both on the operational level (security analysts, incident managers, etc.) and strategic (CISO) level.
12 October 2023 – 15:00 CEST
Panel discussion
Phishing simulations: to do or not to do
What are the pros and cons of phishing simulation campaigns? Phishing awareness training is an essential part of any cybersecurity strategy, but is it enough on its own? How effective are phishing simulations, what are their drawbacks? Should organisations add phishing simulations to their security awareness training programmes?
Moderator: Cornelia Puhze, SWITCH, Switzerland
Cornelia Puhze is an IT security awareness specialist at SWITCH. As part of SWITCH-CERT, she supports the Swiss education, research and innovation community in dealing with the human factor in information security. Her aim is to help people understand and care about cyber threats and how to better protect their data. Cornelia is educated to postgraduate level in multilingual, corporate and political communications and has a background in language teaching.
Speakers: Inka Karppinen, Lead Behavioural Scientist, CybSafe & Honorary Research Fellow, UCL, UK; Tommy Van Steen, Universiteit Leiden, Netherlands; Nathan Duffy, HEAnet, Ireland.
Inka Karppinen, Lead Behavioural Scientist, CybSafe & Honorary Research Fellow, UCL, UK
Dr Inka Karppinen is a Lead Behavioural Scientist at CybSafe, an award-winning human risk management platform focusing on behavioural analytics. She is also an Honorary Research Fellow at University College London (UCL). Inka is interested in all aspects of helping people, leading her on a unique path encompassing both industry and academia. She has an MRes and a PhD in security and crime science.
Tommy Van Steen, Universiteit Leiden, Netherlands
Tommy van Steen is assistant professor in cybersecurity governance at Leiden University and programme director of the executive master in cybersecurity for professionals from the same university. He holds a BSc in psychology and an MSc and PhD in behavioural change. His interests lie in understanding and improving cybersecurity behaviour of end-users in organisations. He uses behavioural science to better understand why people are not behaving securely and uses behavioural change methods to find solutions for behavioural cybersecurity problems.
Nathan Duffy, HEAnet, Ireland
Nathan Duffy leads the Penetration Testing and Vulnerability Management team at HEAnet, Ireland’s National Research and Education Network. In particular he leads the offensive security team in delivering cybersecurity services, such as web application, network penetration testing, along with running phishing campaigns, to higher education institutes. Nathan is currently studying on a part time basis for a master’s degree in cybersecurity at University College Dublin. Before joining HEAnet his experience included Digital Forensic Investigations and Incident Response.
Mainly aimed at: People responsible for security awareness programmes in their organisation (awareness specialists, CISOs, security or communication officers, learning & development specialists, etc.).
19 October 2023 – 15:00 CEST
Exploring the impact of neurodiversity on cybersecurity practice and risk management – A cyber psychological perspective
The neurodiversity spectrum is wide, ranging from attention deficit hyperactivity disorder (ADHD), dyslexia, dyspraxia and Tourette syndrome, to autism and bi-polarity. But common characteristics of neurodivergent individuals – including pattern-spotting, creative insights and visual-spatial thinking – are being realised in the cybersecurity sector. According to Holly Foxcroft, who is neurodivergent herself, neurodivergent individuals have “spiky profiles and these visual representations highlight the strengths and areas needed for development or support. “Neurodivergent profiles show that individuals perform highly in areas where neurotypicals have a consistent and moderate line”. The areas in which neurodivergent individuals have “exceeded skill” include high-level problem-solving, creative “out-the-box” thinking, hyper-focusing, and pattern spotting: “These are much-needed attributes and skills in cybersecurity”.
Update 16.10.2023We regret to inform you that this webinar has been cancelled due to the speaker’s illness. Please, note that the speaker has kindly agreed to send us a registration of her talk on this subject at a later date that we will share as soon as available.
Speaker: Holly Foxcroft, Head of Neurodiversity in Cyber Research and Consulting, Stott and May Consulting
Holly is an award winning, international speaker and thought leader in neurodiversity in cyber. Holly champions neuroinclusion within the cybersecurity industry, promoting best practice and furthering research in to understanding neurodiversity and the critical role it plays in cybersecurity. Holly started her career in defence and holds a first-class degree in Criminology and Cybercrime, she carved her career in specialising in neurodiversity and cyber. Holly supports organisations on how to understand neurodiversity through training and awareness and ultimately become more neuroinclusive. Holly also leads the Portsmouth Digital Drive Team in cyber, supporting the city and it’s schools in cybersecurity awareness and showcasing how to build relationships with digital technology.
Holly is currently researching how neurodiversity impacts cybersecurity and risk management with the outcome to support overall cybersecurity posture. Holly works tirelessly to ensure the inclusion of neurodivergent individuals in cyber, promoting the importance of mental wellbeing and reducing burnout.
Mainly aimed at: Decision makers (CISOs, CIOs, etc.), cybersecurity professionals, recruiters and HR professionals.
24 Oct 2023 – 15:00 CEST
Successful internal awareness programme in R&E: approaches and outcomes
As of September 2023, Rotterdam University of Applied Sciences stands as the first and currently the only (as far as we know) larger Education Facility in The Netherlands to require all its staff (4000+) to undergo Security and Awareness training. The journey to reach this milestone was no small feat, as the Security and Privacy team had to overcome a series of obstacles spanning over two years. Please join Jan as we take a retrospective journey through this process, and feel free to draw inspiration and insights from our approach.
Speaker: Jan Landsaat, Privacy Officer, Rotterdam University of Applied Sciences
Jan Landsaat brings over 17 years of expertise in the field of Educational Technology. His career began as an instructor specializing in Digital Design Skills. Over the years, he transitioned into roles ranging from IT Project Manager to IT Manager where he oversaw the whole spectrum of soft- and hardware, and he currently serves as a Privacy Officer at Hogeschool Rotterdam for more than three years. Drawing from his background, he emphasizes the technical aspects of the Privacy field. This encompasses crafting policies related to AI and Data Analytics, overseeing the technical facets of DPIAs, and the Awareness Programme.
Mainly aimed at: People responsible for security awareness programmes in their organisation (awareness specialists, CISOs, security or communication officers, learning & development specialists, etc.).
