Programme

Day 1

Opening of first day of CyberHOT (9:00-9:30)

Threat landscape (9:30-10:45): Basic concepts, inventories of threats and vulnerabilities (from non-technical to technical).

Coffee break (10:45 – 10:55)

Threat and Attack Monitoring (10:55-11:30) -Lab-: Demonstrate specific attack scenario (e.g. in maritime sector); Use various tools (e.g. Logstail, Elasticsearch, Wazuh, Snort) to monitor the attack.

Attack monitoring in practice (11:30-13:15) -Lab-: Explore the attack management process using the above-mentioned tools using real life scenarios.

Lunch break (13:15 – 14:15)

A step-by-step approach to conduct your own risk assessment (14:15-16:00) -Lab-: Using an open source tool (e.g. mitigate) conduct risk assessment of a maritime organization (e.g. port).

Practical security management (16:00-17:00) -Lab-: Demonstrate the variety of the mitigation actions (technical controls, processes, procedures). Based on the risk assessment build your own security policy, Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) using our templates.

Questions and Discussion (17:00-17:30)

End of day 1 (18:00)

Day 2

Opening of second day of CyberHOT (9:00-9:30)

Technical vulnerability assessment (09:30-10:45) -Lab-: Demonstration of vulnerability assessment tools (e.g. network vulnerability scanner, operating system vulnerability scanners, blackbox application exploitation) using real-life scenarios.

Coffee break (10:45 – 10:55)

Vulnerability assessment in practice (10:55-12:30) -Lab-: Specific scenarios (e.g. for the maritime sector) use the various vulnerability assessment tools.

Digital forensics (12:30-13:15): Introduction of main principles of digital forensics investigation practices and tools

Lunch break (13:15 – 14:15)

Digital forensics in practice (14:15-16:45) -Lab-: A scenario that analyses a synthetic dataset that includes 100 phone calls and related metadata (i.e., CDR info). The scenario consists of three drug investigation cases and utilizes: (i) a data ingestion and preprocessing toolkit; (ii) a Forensics Visualization Toolkit (FVT) empowered by an advanced visualization methodology, and (iii) a pool of natural language processing and audio analysis services.

Questions and discussion (16:45-17:00)

End of summer school (17:30)