- Network.training-awareness - internal.sparta.eu

[SPARTA - network.training-awareness] T9.3 Task Plan and activities

by Olivier Levillain

Dear WP9 partners, I have updated the Task Plan for 2020 and I am going to send some mails to the partners involved in the different tasks, as soon as I have the correct contacts. The most urgent tasks are related to Deliverable 9.2: - an overview of existing professiional trainings (I have prepared a template, but I believe the first step is to just enumerate the programs we are insterested in. The partners involved in this task are: * IMT for the UE * SAP for the USA * SMILE for the Japan - an overview and an analysis of the existing certification schemes and recognition systems (I had collected some information in the SVN and I need to feedback before diving into the details, so we can agree on a reasonnable set of schemes. The partners involved are IMT, SAP and PPBW. - the creation of professional curricula. Here, we would like to use the classification from the skills framework, and for each subject, propose best practices. Involved partners will be IMT, PPBW and YWH. To move forward, I will start discussion on the different activities with the involved partners. I have the following contacts: - PPBW: Steven Ormston <steven.ormston(a)ppbw.pl> - SAP: Gilles Montagnon <gilles.montagnon(a)sap.com> - SMILE: Jérôme Jacob <jerome.jacob(a)securitymadein.lu> - YWH: Rayna Stamboliyska <r.stamboliyska(a)yeswehack.com> Can you quickly correct or ammend these contacts if needed, since I will send mails soon and it would spare time to get the recipients right first! Next, we plan to work on specific syllabus and resources, and we already identified an interesting field I called sec-dev-ops to have a shiny title. The idea is to use the dev-ops tools to improve security in development methodology. At IMT, we currently have a cours for our students, but I would like to adapt this to produce a professional training and ideally run it soon. I have noted that YWH will likely contribute. I however propose we discuss this in a second time, once the actions regarding the more pressing matter (D9.2) are started. You can nevertheless still propose other subjects we would like to produce syllabus (and resources) for, since this will be what we will be working on next in T9.3. I noted that there was interest for industrial systems, and I think we could do something with Cyber Ranges. On this latter topic however, I believe the lead is currently with T9.2 and BUT. Best regards, Olivier Levillain

5 years, 11 months

1
0
0 0

[SPARTA - network.training-awareness] Important: Brussels WP9 Meeting

by Jan Hajny

Dear WP9 Members, Please note that our WP9 meeting takes place from 14:45 to 16:15 on Monday 24th during the Brussels SPARTA week. This meeting will focus mostly on the assignment of activities to partners and creating the 2020 work plan. Please make sure, that your organisation is represented at this meeting so that you can put your activities to the WP9 workplan and later claim PMs to WP9. The tentative workplans for all tasks are on SVN and attached. There are many free activities to choose from :-) Looking forward to meeting you, Best, Jan —— doc. Ing. Jan Hajný, Ph.D. Advanced Cybersecurity Brno University of Technology Phone: +420 541 146 961 WWW: http://crypto.utko.feec.vutbr.cz <http://crypto.utko.feec.vutbr.cz/>

5 years, 11 months

2
1
0 0

[SPARTA - network.training-awareness] WP9 Link

by Jan Hajný

https://meet.google.com/pga-rpgp-ciw <https://meet.google.com/pga-rpgp-ciw> +1 484-364-5790 PIN: 549 393 216# —— doc. Ing. Jan Hajný, Ph.D. Advanced Cybersecurity Brno University of Technology Phone: +420 541 146 961 WWW: http://crypto.utko.feec.vutbr.cz <http://crypto.utko.feec.vutbr.cz/>

5 years, 11 months

1
0
0 0

[SPARTA - network.training-awareness] T9.3 activities: overview of program trainings and certifications

by Olivier Levillain

Dear WP9 members, As Task Leader for T9.3, I would like to share the current status of the task, and ask for the partners involved in the task to contribute to different documents. First, I would like to appologize since this message comes a little later than I would have expected. Regarding Professional Trainings, we need to explore the existing trainings and the current certifications and recognition systems, since this will serve as a basis to produce the corresponding chapter in Deliverable 9.2. To bootstrap the work, I have been working from the French Professional Training ecosystem that I know more. You will find in the subversion repository some files describing the trainings referenced by ANSSI (I will progressively put them here: 03-WPs/WP9-Cybersecurity-Training-and-awareness/T9.3/Trainings). I used the template in the Templates/ProfessionalTrainings/ directory (under 03-WPs/WP9-Cybersecurity-Training-and-awareness/). Another document I would like us to write is a brief description of the certification and recognition systems we want to consider and study. I have put a version in the subversion, under T9.3/Certification-Recognition-Systems. This will eventually be integrated to Deliverable 9.2. The idea here is to select which systems are relevant for Progessional Trainings (some of those listed in the file will probably not apply to our use case). Please also find attached a sample file for trainings on ICS security, as well as the list of systems I gathered so far. *Actions for people involved in T9.3* - can you please send me a mail to tell me / confirm that you will be contributing to T9 in 2020? - can you review the list of certification and recognition systems I gathered to tell me if you think some are missing? - can you start collecting the trainings for which you would like to write a description. We must try and aggregate as much as we can, to avoid producing too many files which would be very hard to exploit. When different trainings follow a given referential, I think we can merge them. - plan to attend the WP9 session during the Monday afternoon of the SPARTA week to come (Monday February 24th from 4:30 to 6 PM). Ideally, it would be great you look at the items above before the week so we can have a fruitful discussion. I am at your disposal to discuss further the details. Cheers, olivier

6 years

1
0
0 0

[SPARTA - network.training-awareness] WP9 Work Plans

by Jan Hajny

Dear SPARTA WP9 Members, Together with WP9 task leaders, we created very preliminary work plans for 2020, as attached. Based on your previous involvement and expertise, we assigned some activities to some partners, but most remain unassigned. Could you please: Check that you agree with the assigned activities in each file attached, Assign yourself to activities you would like to do, Propose anything new to the plan, after the discussion with and approval by the respective task leader? In case of any questions and new proposals, please contact the task leaders directly (in CC): Task 9.1: Cybersecurity Skills - Edmundas Piesarskas (edmundas(a)l3ce.eu) Task 9.2: Academic Training – Sara Ricci (ricci(a)feec.vutbr.cz) Task 9.3: Professional Training – Olivier Levillain (olivier.levillain(a)telecom-sudparis.eu) Task 9.4: Awareness - Jerome Jacob (jerome.jacob(a)securitymadein.lu) I’d like to ask you for your feedback (approval/updated files) before January 31st. Thank you, Jan —— doc. Ing. Jan Hajný, Ph.D. Advanced Cybersecurity Brno University of Technology Phone: +420 541 146 961 WWW: http://crypto.utko.feec.vutbr.cz <http://crypto.utko.feec.vutbr.cz/>

6 years

1
0
0 0

[SPARTA - network.training-awareness] Notes from the ECSO Meeting

by Olivier Levillain

Hi, Here are some notes from the ECSO meetings. As in the previous meetings, several documents have been presented, but most of them are not really available (even within ECSO). I will share what I can as soon as the documents are published on the portal. Don't hesitate to ask me about a particular subject. Since writing (or reading) minutes is not always that funny, I tried to send you what I thought was the most relevant, as soon as I could. 1) Cyber Ranges ECSO is working on a document defining what cyber ranges (CRs) are. The document starts by stating that we usually find two different definitions: one describing the CR as a simulation environment, the other one describing CR as a platform. Since the latter contains the idea that a CR is more than a technical piece of software, they prefer it. The document then describes different use cases and different features a CR can have. The idea is to say that, as a car, CRs can be of very different natures (from Formula 1 to family cars to 4x4s). Today, a lot of organizations are looking for cyber ranges for different goals, which can not be done by all cyber ranges. The prurpose of the document is to shed light on a key/buzz word which is not clear for many people. It aims at helping consumers of cyber ranges, but also the providers/researchers to focus on special features/use cases. The document is still a draft, and is still supposed to be internal to ECSO only, but we will have a new version in early November that I will be able to share with SPARTA partners, to gather feedback. ECHO (one of the 4 EC pilotes) has been trying to coordinate the activity. Beyond the survey that was sent earlier, I did not see a lot on this front from ECSO or from ECHO. The survey collected around 50 answers 3 or 4 weeks ago. It is still open, and it seems it would be useful to send the link again (we discussed it on the WP9 list, and it was supposed to have been sent by a Catarina, but I can not find the message in my archives...). 2) A tool to self-assess one's cybersecurity skills Georges Ataya presented an online tool for self-assessment and then see the gap between one's profile and a given role from the NICE framework. We are supposed to get a link to this online tool in the weeks to come. If this happens, I will share it with you. 3) Description of a minimal curriculum for "Cybersecurity for top management and leaders" ECSO SubWG 5.2 is working on a document to define minimum curricula, and they started with the top management and leaders. For now the document has not been shared among ECSO, so we only got the first elements. As soon as I have more on this European Cyber Security Education Framework, I will share it with you. 4) Youth4Cyber A member from Milano presented an initiative to teach cybersecurity (mostly awareness) to young people, through 5 modules aimed at 6-10 years old, 10-14, 14-18, 18-22 and 22-26. They presented the outline of the modules, which all contain 6 to 7 sessions of 45 to 2h each. For now, they only have a 1-slide description for each session, and are looking for funding/work force to produce the content. Since this is an Italian initiative, they would then need to translate it. This initiative may be of interest for T9.4? 5) Awareness campaign by SOGEI SOGEI presented their work on awareness campaigns. It is similar to the material I sent last month on the Awareness Workshop ECSO organized. 6) Women4Cyber ECSO and an SME have created a fondation to lead this initiative. They already won an award from the nordic countries and hope to have chapters in different countries and even regions. 7) Education Map from ENISA Fabio Di Franco presnted the Education Map: more than 500 degrees (it is a list of degrees, and not courses as we thought initially). The website is still under development and should be online in November. It will be possible with a nice UI to apply multiple filters on the following criteria: language, country, delivery method, major topic, deree obtained. Their goal is to get an almost exhaustive list of degrees updated regularly. They also have gathered information about the cost of the courses, the number of graduated people, the maximum capacity of each course, the very coarsed-grain repartition of ECTS (cybersecurity courses, law courses, internship, etc.) They have no intention to produce more detailed information; first because of a lack of resources (Fabio seems the only person involved in the data collection and validation); second, because they are not confortable with a taxonomy of the different topics. Thus, I believe that we can propose something complementary here. Fabio seemed interested. Jan, if you believe it is useful I introduce you to him (electronically), I can do it. 8) Report on Cyber Security Education from ENISA This report offers a critical review of common knowledge about cybersecurity education and HR. It is common knowledge that there is a lack of qualified cyber security professionals. However, maybe the shortage is dominated by a lack of understanding. We must be more precise on the jobs needed. ENISA spots the following issues in cyber security education: - lack of educators - poor interaction with the industry - little understanding of the labour market Yet, it might be useful to recall the goals of universities, which are today torn between teaching people with a holistic vision, and producing market-ready people. We might be mistaken in following the second path too strictly, since we do not know how cybersecurity jobs will evolve (some jobs might soon become irrelevant because of some forms of automation). [As a teacher, I agree with the vision that universities' goal is not only/primarily to produce market-ready people!] ENiSA looked at 387 study programs that were "certified" by a national body (Autstralia, France, UK, USA). Most certifications have the following elements: - check that sufficient hours are put in cybersecurity - check the teaching body's qulaifications - describe the teaching modalities - employment outcomes - etc. 9) Presentation from the pilots 9.1) SPARTA Regarding SPARTA, Edumndas and I briefly presented the documents we (task leaders) prepared together. Concerning the skills matrix, Edmundas was asked to invite ENISA, ECSO and the Program Officer to the coming workshop (I sent him the contacts I had in another mail). I was asked to send the WP9 contacts (task leaders) to the ECSO secreatariat. I will do this shortly. Regarding possible collaborations, beyond the skills workshop, we proposed to exchange documents between ECSO and pilots as much as possible (and I believe we should try and share early when we have no specific constraints). 9.2) CONCORDIA They have been collecting information on short courses with possible filters on an online map (https://www.concordia-h2020.eu/map-courses-cyber-professionals/). Their work tracks 60 courses collected in 3 months (31 from within Concordia and 29 outside). It should be useful to collaborate with them for T9.3, since we were asked by a representative from the DG Connect not to do the same things in different EC pilots. I will study what they proposed to see how we could bring added value. CONCORDIA also worked on Cyber Ranges (which they would like to also put on the map). They would like to create an ecosystem, but they are not after a federation (the woman presenting could not explain more, but this will be discussed at the next meeting with the relevant person from the project). They want to share scenarios and work on an exchange format. Since they were not present the morning for the discussion about the document on Cyber Ranges, they will contribute to the document as soon as they get it. Finally, they asked whether there was interest for an open source Cyber Range. Someone answered that this was mostly relevant for universities. 9.3) CyberSec4Europe They quickyl described their work packages (but without slides). 10) Notes The woman from the DG Connect asked us (pilots) to identify the possible synergies between project and to clearly define what our differences are (especially with regards to education and training). In particular, we were asked not to do the same thing about Cyber Ranges, which seems to be an especially hot topic. Best regards, olivier

6 years, 1 month

3
4
0 0

[SPARTA - network.training-awareness] Sector Skills Alliances 2020

by Jan Hajny

Dear WP9 Members, We’re considering preparing a project proposal for the following call “ERASMUS+: Sector Skills Alliances 2020”, which is focused on developing best practices in cybersecurity education and training across EU: https://eacea.ec.europa.eu/erasmus-plus/actions/key-action-2-cooperation-fo… <https://eacea.ec.europa.eu/erasmus-plus/actions/key-action-2-cooperation-fo…> Is anyone planning to participate in this call? I received some signs of interest from CS4E and CONCORDIA but nobody prefers to lead this action J Thank you for feedback, Best, Jan — doc. Ing. Jan Hajný, Ph.D. Advanced Cybersecurity Brno University of Technology Phone: +420 541 146 961 WWW: http://crypto.utko.feec.vutbr.cz <http://crypto.utko.feec.vutbr.cz/>

6 years, 2 months

1
0
0 0

[SPARTA - network.training-awareness] T9.1 workshop

by edmundas＠l3ce.eu

Dear All, The remote connection to the T9.1 workshop on Friday (8th of November, 9:00 AM - 5:00 PM CET): Please join my meeting from your computer, tablet or smartphone. https://global.gotomeeting.com/join/444081789 You can also dial in using your phone. Austria: +43 7 2081 5427 <tel:+43720815427,,444081789> Access Code: 444-081-789 More phone numbers United States: +1 (571) 317-3129 <tel:+15713173129,,444081789> Australia: +61 2 9087 3604 <tel:+61290873604,,444081789> Belgium: +32 28 93 7018 <tel:+3228937018,,444081789> Canada: +1 (647) 497-9391 <tel:+16474979391,,444081789> Denmark: +45 32 72 03 82 <tel:+4532720382,,444081789> Finland: +358 942 72 1060 <tel:+358942721060,,444081789> France: +33 170 950 594 <tel:+33170950594,,444081789> Germany: +49 692 5736 7317 <tel:+4969257367317,,444081789> Ireland: +353 15 360 728 <tel:+35315360728,,444081789> Italy: +39 0 247 92 13 01 <tel:+390247921301,,444081789> Netherlands: +31 207 941 377 <tel:+31207941377,,444081789> New Zealand: +64 9 280 6302 <tel:+6492806302,,444081789> Norway: +47 21 93 37 51 <tel:+4721933751,,444081789> Spain: +34 932 75 2004 <tel:+34932752004,,444081789> Sweden: +46 853 527 827 <tel:+46853527827,,444081789> Switzerland: +41 225 4599 78 <tel:+41225459978,,444081789> United Kingdom: +44 330 221 0088 <tel:+443302210088,,444081789> Best regards, Edmundas From: edmundas(a)l3ce.eu <edmundas(a)l3ce.eu> Sent: Wednesday, October 23, 2019 9:58 AM To: 'network.training-awareness(a)internal.sparta.eu' <network.training-awareness(a)internal.sparta.eu>; 'programs.leads(a)internal.sparta.eu' <programs.leads(a)internal.sparta.eu> Cc: 'pawel.pawlinski(a)cert.pl' <pawel.pawlinski(a)cert.pl>; 'iwona.jarosz(a)nask.pl' <iwona.jarosz(a)nask.pl>; 'adam.kozakiewicz(a)nask.pl' <adam.kozakiewicz(a)nask.pl>; 'joanna.wackowska(a)nask.pl' <joanna.wackowska(a)nask.pl>; 'malgorzata.wlodarczyk(a)nask.pl' <malgorzata.wlodarczyk(a)nask.pl>; 'pawel.kostkiewicz(a)nask.pl' <pawel.kostkiewicz(a)nask.pl>; 'armands.meirans(a)lmt.lv' <armands.meirans(a)lmt.lv>; 'evita.vikmane(a)lmt.lv' <evita.vikmane(a)lmt.lv>; 'Martins.Kalkis(a)lmt.lv' <Martins.Kalkis(a)lmt.lv>; 'miks.arajs(a)lmt.lv' <miks.arajs(a)lmt.lv>; 'sarunas.grigaliunas(a)ktu.lt' <sarunas.grigaliunas(a)ktu.lt>; 'rimantas(a)l3ce.eu' <rimantas(a)l3ce.eu>; 'nina.olesen(a)ecs-org.eu' <nina.olesen(a)ecs-org.eu> Subject: T9.1 workshop Dear All, As T9.1 is approaching the final stage and most of the work is done, the team would like to invite all interested SPARTA partners to the final alignment workshop. The workshop is intended to be organized as one day or two half days event on-site at MRU. Preliminary agenda is attached. Those, who can join the workshop remotely, connection will be organized. The preliminary dates set are 6th / 7th of November (preliminary 5th was set, but it was moved). Please, mark your interest and availability on: https://doodle.com/poll/2diuwnzbunwvmtmm until the 25th of October. We would like to have as many participants on-site. Presence of cybersecurity end user organizations is especially relevant (e.g. NASK, LMT, KTU Litnet). We will also invite some associated partners (NCC group) and other national and international organizations (ECSO, Lithuanian Cybersecurity center, Lithuanian Arm forces CERT, etc.). The introductory materials for the workshop are also attached to the message (also available at SVN). Best regards, Edmundas & T9.1 team

6 years, 3 months

1
0
0 0

[SPARTA - network.training-awareness] Fwd: 5th IEEE European Symposium on Security and Privacy: Call for Workshop

by Jan Hajný

Dear WP9 Partners, As you may already know, the IEEE European Symposium on Security and Privacy will take place in Genova next June. We thought that this may be a unique opportunity to discuss and present the advances in cybersecurity training there, with a particular focus on cyber ranges and curricula. There is the possibility to propose a workshop on this topic, please see the message from Alessandro below. We can also co-locate the WP9 meeting with the event. Would you support that idea and actively participate in such a workshop? Please let me know yes/no very soon so that we can start the process :-) Thank you, Kind regards, Jan —— doc. Ing. Jan Hajný, Ph.D. Advanced Cybersecurity Brno University of Technology Phone: +420 541 146 961 WWW: http://crypto.utko.feec.vutbr.cz <http://crypto.utko.feec.vutbr.cz/> > Začátek přeposílané zprávy: > > Od: Alessandro Armando <alessandro.armando(a)unige.it> > Předmět: 5th IEEE European Symposium on Security and Privacy: Call for Workshop > Datum: 14. října 2019 19:07:18 SELČ > Komu: Jan Hajny <hajny(a)feec.vutbr.cz> > Kopie: Fabio Martinelli <Fabio.Martinelli(a)iit.cnr.it>, Paolo Prinetto <paolo.prinetto(a)polito.it>, Rocco De Nicola <rocco.denicola(a)imtlucca.it> > > Dear Jan, > > the 5th IEEE European Symposium on Security and Privacy (IEEE EuroSP 2020, http://www.ieee-security.org/TC/EuroSP2020/ <http://www.ieee-security.org/TC/EuroSP2020/>) will take place in Genova on June 16-18 (Tue-Thu), 2020. > Pre/Post-conference workshops will take place on June 15 (Mon) and June 19 (Fri). > By this message I would like to draw your attention on the possibility to propose a workshop related to the topics of the SPARTA WP on cybersecurity training you are leading. > I believe a workshop associated with IEEE EuroSP 2020 will be an excellent opportunity to disseminate the wp's results as well as to get feedback by the relevant community. > > The deadline for workshop proposals is November 18, 2019. Details can be found at http://www.ieee-security.org/TC/EuroSP2020/cfw.html <http://www.ieee-security.org/TC/EuroSP2020/cfw.html>. > Please notice that all workshop proposals will be evaluated by the workshop chairs against the Proposal Evaluation Criteria set in the Call for Workshops. > > Please also notice that together with Florent we are planning to organize a SPARTA event (e.g. a project meeting) on June 20 (Saturday) colocated with IEEE EuroSP. > > Should you need more information, please do not hesitate to ask. > > Best Regards, > > alessandro > > -- > Prof. Alessandro Armando > DIBRIS, Università di Genova > Viale Causa 13 > 16145 - Genova > email: alessandro.armando(a)unige.it <mailto:alessandro.armando@unige.it> > phone: +39 3281003201 > > > > -- > Prof. Alessandro Armando > DIBRIS, Università di Genova > Viale Causa 13 > 16145 - Genova > email: alessandro.armando(a)unige.it <mailto:alessandro.armando@unige.it> > phone: +39 3281003201 > > > -- > Le informazioni contenute nella presente comunicazione sono di natura privata e come tali sono da considerarsi riservate ed indirizzate esclusivamente ai destinatari indicati e per le finalità strettamente legate al relativo contenuto. Se avete ricevuto questo messaggio per errore, vi preghiamo di eliminarlo e di inviare una comunicazione all’indirizzo e-mail del mittente. > -- > The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If you received this in error, please contact the sender and delete the material.

6 years, 3 months

2
1
0 0

[SPARTA - network.training-awareness] Task 9.2 Progress, Request for Action

by Jan Hajny

Dear WP9 Partners, Please find the progress monitoring table for WP9 Task 9.2 attached. Please note, that some activities (marked red) are in significant delay (those of CINI and YWH are delayed for over several months). Please consider this message the last call for delivery of the outcomes. Thank you, Kind regards Jan Hajny —— doc. Ing. Jan Hajný, Ph.D. Advanced Cybersecurity Brno University of Technology Phone: +420 541 146 961 WWW: http://crypto.utko.feec.vutbr.cz <http://crypto.utko.feec.vutbr.cz/>

6 years, 3 months

2
1
0 0

2026

2025

2024

2023

2022

2021

2020

2019

Network.training-awareness