Accessibility

At CAMP 2024: AI-age incident response needs to evolve with technology

This week, Liina Areng, the Director of EU CyberNet participated in the CAMP 2024 Annual Meeting in Seoul to share Estonia’s and Europe’s perspective in cybersecurity with special emphasis on ransomware and artificial intelligence.

In her intervention, Liina Areng explained that AI-age incident response needs to evolve with technology, as it enables to manage threats in new ways. CSIRTs need to adopt AI tools for a proactive and adaptive approach for comprehensive cyber threat mitigation and prevention. Sharing innovative approaches and good practices is increasingly important.

She shared best practices from Estonia’s Information System Authority (RIA) for mitigating cyber threats through developing robust cybersecurity systems and processes, enhancing resilience through community building and raising awareness of good cybersecurity practices. Liina Areng highlighted RIA’s broad approach to building cyber resilience and incident response capabilities: 24/7 monitoring, operational information exchange with partners, regular threat assessments, educating employees, supporting companies and organizations, and establishing national cyber reserve for efficient cyber crisis management.

From the European perspective, she explained how the European Union builds resilience and response capabilities by implementing the EU cybersecurity strategy and regulations, setting obligations for essential services’ operators, and establishing networks to coordinate cross-border incident response and crisis management across the EU. Good practices from the EU are shared with partners across the world through cyber capacity building initiatives, such as EU CyberNet.

Liina Areng stressed that the use of artificial intelligence tools has become a battle between machines. Attackers use AI-driven means to generate phishing attacks, predict patterns and exploit weaknesses, and the defenders should also use automated threat hunting and predictive analytics. She also pointed out that ransomware groups are using less mass spam and drive-by attacks but rather more complex, low-and-slow attacks and intermediaries to reach those that can afford paying hefty claims. This is why supply chain cybersecurity should be prioritized in national strategies.

The 3-day meeting entailed interventions, sharing best practices and introductions from member countries about the cyber security situation in their countries and regions

The Cybersecurity Alliance for Mutual Progress (CAMP) is initiated by the government of the Republic of Korea and managed by Korea Internet and Security Agency (KISA) with purpose of achieving sustainable benefits and serving as a platform for actions to keep cyberspace safe.

Photos: https://flic.kr/s/aHBqjByZph



Keep reading similar articles
Stakeholder Community Day: Reaffirming to the Importance of Coordinated Cyber Capacity Building

The EU CyberNet Stakeholder Community Day brought together cybersecurity policymakers, professionals and experts to Brussels on 5th February 2025. The agenda, featuring high-level panel discussions, focused on the evolving landscape of cybersecurity capacity building, its role in global cyber governance and the growing notion of multi-stakeholderism.

500th member joined EU CyberNet Expert Pool

EU CyberNet is more than proud to announce that the 500th member joined EUCyberNet Expert Pool!

Holiday Greetings

EU CyberNet wishes happy holidays’ season and is looking forward to 2025 with excitement!

EU CyberNet’s 2024 Wrapped!

EU CyberNet’s 2024 is wrapped: a year of building bridges and navigating the path to stronger cyber capacity across the world. The EU CyberNet team wishes happy holidays’ season and is looking forward to 2025 with excitement!

EU CyberNet’s Expert Pool – Strengthening Cyber Capacity Across the Globe

EU CyberNet’s Expert Pool, a global community build on excellence of cyber professionals committed to building a safer, more resilient cyberspace, has grown to almost 500 experts from 67 countries who have contributed to over 200 actions in 93 countries since its launch in 2019.

Building Cybersecurity Resilience: TTX Coaching and Training in Brazil

On a mission to bolster cybersecurity preparedness, EU CyberNet and LAC4, with experts Julia Schuetze and Andrés Velázquez, executed a full-day tabletop exercise (TTX) training for CTIR Gov in Brazil to equip Brazil’s national cybersecurity response teams with the tools to design and facilitate their own sector-specific exercises. Julia Schuetze and Andrés Velázquez reflect on their experience.