Kaunas, Lithuania - 16-18 April 2019
Four years later, it was decided that it is time to touch-base again, discuss the work done and plan future collaboration. In the joint sessions, we will talk about the progress of the groups in the past few years, share the results and outcomes and present some challenges that can be overcome together. After that, we will schedule some group sessions where we will work on specific topics, such as:
- Risk Assessment and Management
- Security Baselining
- Training and Awareness
- Crisis Management
- Information Exchange
Please contact Sigita Jurkynaite (email@example.com) to add your topic for the agenda - we are looking for presentations or discussion topics (either plenary or break out).
Santaka Valley KTU Science,
Technology and Business Centre
K. Baršausko g. 59, Kaunas
Contributions are welcome!
|Tuesday - 16 April||Wednesday - 17 April||Thursday - 18 April|
|09:30||The new Trusted CI Framework - Bob Cowles (Trusted CI)|
Data Breach Management. GDPR One Year On - where are we today?
Michel Gerdes (DFN-CERT)
|10:00||Security KPIs and Reporting - Christian Fötinger (University of Applied Sciences Augsburg)||Group work reports, Future Collaborations|
|10:30||Coffee Break||Coffee Break|
Other community updates
Group work reports, Future Collaborations
|12:00||Closing, Light Lunch, Departures|
|12:30||Arrival, Registration, Light Lunch||Lunch|
Information Exchange: Who you gonna call?
Risk Assessment and Management
Tabletop exercise to test existing Risk Assessment and Management documents. In groups. Led by Šarūnas Grigaliūnas (LITNET)
The goal of Table top exercise is to test existing Risk Assessment and Management documents (https://wiki.geant.org/display/SIGISM/SIG+ISM+white+paper+risk+management) and ISO/IEC 27005:2018 (Information security risk management) standard.
The LITNET CERT provides each group with 3 incident descriptions and details of the IS profile (Academic IS, ELABA, Vulnerable server). A completed document (Service-/Systemprofile) part and a description of the consequences of the incident provided as well.
The task of the group is to fill in the risk assessment part of the document according to the incident. Discussion in groups: Aim to identify and possibly extend a document with social and human factors (ISO/IEC 27005:2018)
SIG-ISM: activities, working groups, relevant topics - Alf Moens (SIG-ISM Chair)
Hannah Short (on behalf of Dave Kelsey, WISE Chair)
|15:00||Coffee Break||Coffee Break|
Building trust through Interoperable Policies:
SCI - Hannah Short (on behalf of Dave Kelsey)
AARC2 Policy Development Kit - Hannah Short (CERN)
Baseline AUP - Ian Nelson (STFC)
Training and Awareness
GN4-3 WP8 T2: Security Baseline - Nicole Harris (Task Leader, GÉANT)
|16:30||CLAW: A Crisis Management Exercise that puts NRENs to the test - Charlie van Genuchten (SURFnet)|
Discussion led by Nicole Harris (GÉANT)
|17:00||Closing remarks||Closing remarks|
Dinner (Restaurant 'Vista Puode')
S. Daukanto g. 23, Kaunas
19:00 Dinner (Restaurant 'Uoksas')
Maironio g. 28, Kaunas