Security Days 2025, the second edition of GÉANT’s security conference, took place on 8-10 April in Prague, bringing together more than 160 participants from 63 organisations across 28 countries. Over three days, the event offered a collaborative space for members of the European R&E community – and beyond, to share insights, explore emerging challenges, and reframe how we think about trust, risk, and resilience.
Day 1: Trust is everything
Alf Moens (GÉANT) set the scene by addressing the growing complexity of the global cybersecurity environment: from geopolitical tensions to the surge of AI, the pace of change demands thoughtful and community-driven responses.
The keynotes lineup for the entire conference was truly impressive. The opening plenary included the keynote by Professor Dr. Karen Renaud (University of Strathclyde) who explored the psychology of trust: “Trust in cybersecurity isn’t just a technical issue, but a human one. Trust (and distrust) can make or break our security efforts, and it’s critical we build relationships based on trust, not fear.”
Nicole van der Meulen (SURF) followed with a candid talk on the inconvenient truths of cybersecurity, urging us to look beyond theoretical risks to face the tangible, often messy challenges of identity theft, AI manipulation, and systemic vulnerabilities.
My key takeaways from the day:
- Trust must be continuously cultivated across systems, teams, and cultures.
- Complexity is increasing, quantum technologies, AI, and IoT demand new frameworks.
- Cybersecurity is a process which requires vigilance, adaptability, and collaboration.
Day 2: From AI to awareness
The second day featured an AI-powered cybersecurity session chaired by Daniela Brauner (GÉANT) where panelists examined AI’s growing role in operational decision-making and key messages included the importance of ensuring AI systems are not only secure, but also auditable and transparent.
In parallel, the crisis management track shared lessons from the Dutch national crisis exercise OZON 2025, while introducing Talon, the upcoming pan-European crisis simulation for NRENs planned for March 2026. The message was clear: collaborative readiness is essential.
Sessions on cybersecurity awareness highlighted the power of behavioural insights in creating sustainable security cultures. The talks offered practical strategies, from gamification to empathy-based education.
Policy also took centre stage in a session where experts discussed the implications of the NIS2 Directive and the need to bridge policy and operational practice.
The day concluded with the always-popular Lightning Talks, giving voice to a wide range of projects initiatives and perspectives, all in five minutes or less.
Day 3: Where do we go from here?
The closing plenary explored three themes shaping the future of cybersecurity: AI, digital sovereignty, and the human factor.
Tomáš Čejka (CESNET) offered a grounded perspective on AI as more than a buzzword, it’s already reshaping how we observe, act, and respond. But with that comes a call for critical evaluation: how do we ensure trust in automated decisions?
Nicole Harris (GÉANT) raised big-picture questions in her talk Who Owns the Internet?, calling for NRENs to play an active role in defining digital governance and rights.
Dr. David Modic (University of Ljubljana) closed the event with a compelling reminder that human behaviour is not a flaw in the system, but a fundamental part of it. Building empathy-driven, inclusive strategies may be the most effective “technical” solution we have.
Reflections
Security Days 2025 was more than just a series of sessions: it created a dynamic space where diverse perspectives came together to discuss shared responsibility, the increasing importance of the human factor in cybersecurity, and much more. As someone working at the intersection of communication and the technical domain, I often find myself translating between worlds using the power of words. This event was a clear reminder that expertise comes in many forms, each essential in bridging those worlds.
Thank you to everyone who made Security Days 2025 such a thought-provoking, energising and community-driven success. Here’s to a more inclusive, interdisciplinary, and resilient future for cybersecurity for the international R&E community.
Special thanks to our local partner CESNET and to this year’s sponsors – NOKIA, FOX IT, Cubbit and Proton Pass – for their support, which added a meaningful touch to our conference.
Wondering where you can find (some of) the presentations from the plenary and parallel sessions? Visit the event’s programme pages.
Will there be a Security Days 2026? Where will it take place? Keep an eye on GÉANT CONNECT and social media channels to find out.
