On 29-30 October I had the pleasure of participating in the ‘Fortifying Defences – Cybersecurity Initiatives & Blue Teaming Strategies’ conference hosted by CYNET, the National Research and Academic Network of Cyprus. The event was held at the newly established offices of the National Digital Security Authority (DSA) in Nicosia, within the ICT Academy, and was supported by the National Coordination Centre for Cybersecurity (NCC-CY).
Memory vulnerabilities, web security, federated cyber ranges, and blue team training—what do they all have in common? These subjects featured in the packed programme of the two-day event. Interested in finding out more? Keep reading.
Cyprus: a country committed to cybersecurity
Tuesday 29 October – The conference kicked off with a warm welcome by Antonios Antoniades, Director of the Office of the Commissioner for Communications, DSA. After emphasising the shared responsibility of cybersecurity, Mr Antoniades highlighted that the DSA, the national authority responsible for overseeing and ensuring the security of information systems and networks across the country, plays a key role in implementing and enforcing cybersecurity policies, coordinating with both public and private sectors to safeguard critical infrastructure, and mitigate cyber threats. “The success of cybersecurity efforts relies not only on cutting-edge technology, but also on the skilled personnel that apply it. Today’s discussions will highlight the critical importance of investing in talent, fostering continuous learning, and building resilient teams to safeguard our organisations.”
Dr. George Konnis, Managing Director for CYNET followed with his welcome. He stressed the need to safeguard systems, data, and identities from ever-evolving cyber threats and highlighted CYNET’s role in Cyprus and how their connection to the global cybersecurity ecosystem is continually enhancing the NREN’s capabilities. And concluded: “Cybersecurity is a collaborative effort involving constant vigilance, shared knowledge, and innovation”.
Then it was my turn to present. My talk, adding a human science perspective to the conference, illustrated the collaborative initiatives and campaigns, created and coordinated by the Sub Task ‘Human Factor’ within the Work Package 8 on Security in the context of the GÉANT Project. My presentation focused on joint efforts and collaboration across borders and highlighted the GÉANT Cybersecurity Month campaign, which showcases the power of community collaboration. “Our aim is to engage stakeholders through various activities, including webinars, videos, animations, expert interviews, and educational resources, all delivered with originality, creativity, and a touch of humour”.
Then came the real brain gymnastics as I focused on the technical presentations that followed. Here’s what I took away.
Programming languages and memory safety
Elias Athanasopoulos, Associate Professor at the University of Cyprus began his talk ‘Validating Rust Binaries’ (quite a cryptic title if you ask me) with the statement: “Do not just educate users, build systems that protect them”. He went on to talk about software memory vulnerability, comparing safe (Java) and unsafe (C, C++) programming systems and highlighted how the use of unsafe programming languages can inadvertently introduce memory vulnerabilities, potentially allowing malicious inputs. Focusing on memory corruption, a critical issue in software security, Professor Athanasopoulos pointed out that while “safety doesn’t come for free”, it’s essential to implement memory safety without relying on runtime support. Rust was highlighted as a prime example of a memory-safe programming language.
The discussion then shifted to Jekyll apps (another concept I have been blissfully unaware of), which are intentionally vulnerable applications created by malicious programmers. Once submitted through legitimate approval processes and installed on devices, these can be remotely exploited by attackers. (If you are not afraid you don’t understand!)
Addressing web security
Dr. Panagiotis Ilia from Cyprus University of Technology began his talk reminding us that with over three billion monthly active users on Facebook and nearly five million searches per minute on Google, web security and privacy are of critical and paramount importance. He discussed web application platforms and introduced the Same Origin Policy (from the unexplored – by me at least – realm of web policies), a core web security mechanism that restricts scripts loaded from one origin from accessing resources or interacting with content from a different origin. This isolation prevents malicious scripts on one website from messing with data on another website without permission.
Blue team training
Day one of the conference closed with the Blue Team Training run by Klaus Moller and Tobias Dussa from DFN-CERT the security division of the German National Research and Education Network. Blue Teaming strategies are crucial for building robust cyber defences. Unlike offensive tactics, Blue Teaming focuses on the proactive protection of networks by identifying vulnerabilities, detecting intrusions, and responding effectively to cybersecurity incidents. These strategies aim to enhance an organisation’s security posture and prevent successful exploitation by attackers. In military manoeuvres, the Blue Team represents the defending side. In commercial settings, it is designed to equip security professionals with the skills and knowledge necessary to defend network, systems and data against cyber threats.
The intrusion-detection tested scenario used by the trainers involved the University of Pellworm located on an island off the coast of a generic European country. Trainees were given the task to act as the imaginary administrators of a small network for an institute conducting a survey on strange sightings and experiences among young citizens.
All participants immersed themselves in the training session, and the room became quiet.
CYNET conference day two: let’s talk cyber ranges
Wednesday 30 October – Prof. Stavros Stavrou, Rector of the Open University of Cyprus, in his opening address, emphasised the critical importance of cybersecurity training. He began with a thought-provoking twist on a famous existential question: “To cyber train or not to cyber train … this is not the question. We must train our people within our organisations to face cyber threats. If we don’t train, we cease to exist.” Prof. Stavrou stressed that cybersecurity is not just about operational defences, but also about comprehensive training at all levels. He underlined the necessity of training together, learning from each other, and ensuring that everyone in any organisation is prepared to handle cyber threats. His passionate call to action set the tone for the day.
George Nicolaou, Co-Founder of CYBER RANGES and Head of Research & Incident Response of Silensec Group, introduced cyber ranges (yet another quite novel concept for me) which are interactive, simulated platforms that replicate networks, systems, tools, and applications. They provide a safe, controlled environment for acquiring hands-on cybersecurity skills and conducting security posture assessments. Additionally, cyber ranges offer a secure setting for product development and testing against cyber threats, enabling users to practice incident response, vulnerability management, and defence strategies without the risks associated with live environments. Mr Nicolaou, highlighting the growing threat of AI-driven cyber attacks and the importance of cyber as the fifth domain intersecting with air, land, sea, and space, emphasised the need to build resilience through training on emulated environments, which provide realistic and comprehensive incident views.
CYBERUNITY
Mr. Nicolaou’s presentation set the stage for day two’s focus: the EU co-funded CYBERUNITY project. Georgios Spathoulas, Associate Professor at NTNU (Norway) introduced the initiative. Coordinated by NTNU, the project involves ten partners across five countries, each specialising in cybersecurity and cyber ranges. The primary objective of the CYBERUNITY Project is to establish an interoperable network of cyber ranges across Europe by integrating the cyber ranges of consortium partners and ensuring seamless collaboration between them. This involves harmonising various technologies and use cases to facilitate the successful execution of cyber range exercises utilising existing resources. The ultimate goal is to offer Cyber Ranges as a Service (CRaaS) and to build a federation of interoperable cyber ranges. While there are recognised challenges, including issues of interoperability, security, privacy, and dynamic resource management, the project also presents significant opportunities for collaborative cybersecurity defence, enhanced training, and scenario-based exercises. Key use cases include the creation of a knowledge repository, resource sharing among cyber ranges, federated exercises across multiple ranges, and real-time resource sharing between ranges.
Cyber ranges and cyber simulation games
Oliver Jung, representing the Austrian Institute of Technology Cyber Range within the Centre for Digital Safety and Security, introduced their innovative approach to supporting critical infrastructure operators. He introduced the recent exercise held at the AIT Cyber Range – Training Centre in Vienna on March 27-28, 2024. This exercise, a collaborative effort, involved ten teams, 200 participants, 24 enterprises from the critical infrastructure domain, and national authorities; it utilised cyber ranges to enhance resilience and response capabilities. The cyber simulation exercise targeted financial institutions in German-speaking countries (Austria, Switzerland and Germany) with the entire simulation taking place on a cyber range platform that emulated real architectures. The event sought to enhance cybersecurity expertise and resilience through realistic training and simulation environments and aimed to evaluate participants’ technical skills, and test processes for information sharing and reporting.
Other speakers joined remotely from Romania, the United Kingdom and Greece to illustrate the development, the experience and the lessons learned from their involvement in major European cybersecurity projects, such as CyresRange, CyberSec4Europe and Concordia.
The Human Factor touch
Attending this conference made one thing crystal clear: tackling the ever-evolving cyber threats requires more than just technical expertise. Human sciences add a critical and essential layer of understanding. These two areas of expertise (technical and human) do not merely coexist—they’re increasingly intertwined and indispensable in the ongoing battle against cyber crime. The synergy between technology and the human factor is where real magic happens. Don’t you agree?
Credits
My heartfelt thanks go to Panayota Smyrli from CYNET who chaired the conference with competence, professionalism and grace and to the CYNET team for their kind and unsurpassed hospitality. I learned so much from the conference, and my horizons have definitely widened. Now, on to my next cybersecurity adventure!
