At CAMP 2024: AI-age incident response needs to evolve with technology

This week, Liina Areng, the Director of EU CyberNet participated in the CAMP 2024 Annual Meeting in Seoul to share Estonia’s and Europe’s perspective in cybersecurity with special emphasis on ransomware and artificial intelligence.

In her intervention, Liina Areng explained that AI-age incident response needs to evolve with technology, as it enables to manage threats in new ways. CSIRTs need to adopt AI tools for a proactive and adaptive approach for comprehensive cyber threat mitigation and prevention. Sharing innovative approaches and good practices is increasingly important.

She shared best practices from Estonia’s Information System Authority (RIA) for mitigating cyber threats through developing robust cybersecurity systems and processes, enhancing resilience through community building and raising awareness of good cybersecurity practices. Liina Areng highlighted RIA’s broad approach to building cyber resilience and incident response capabilities: 24/7 monitoring, operational information exchange with partners, regular threat assessments, educating employees, supporting companies and organizations, and establishing national cyber reserve for efficient cyber crisis management.

From the European perspective, she explained how the European Union builds resilience and response capabilities by implementing the EU cybersecurity strategy and regulations, setting obligations for essential services’ operators, and establishing networks to coordinate cross-border incident response and crisis management across the EU. Good practices from the EU are shared with partners across the world through cyber capacity building initiatives, such as EU CyberNet.

Liina Areng stressed that the use of artificial intelligence tools has become a battle between machines. Attackers use AI-driven means to generate phishing attacks, predict patterns and exploit weaknesses, and the defenders should also use automated threat hunting and predictive analytics. She also pointed out that ransomware groups are using less mass spam and drive-by attacks but rather more complex, low-and-slow attacks and intermediaries to reach those that can afford paying hefty claims. This is why supply chain cybersecurity should be prioritized in national strategies.

The 3-day meeting entailed interventions, sharing best practices and introductions from member countries about the cyber security situation in their countries and regions

The Cybersecurity Alliance for Mutual Progress (CAMP) is initiated by the government of the Republic of Korea and managed by Korea Internet and Security Agency (KISA) with purpose of achieving sustainable benefits and serving as a platform for actions to keep cyberspace safe.


Keep reading similar articles
EU Cyber Diplomacy Fellowship Concluded with a Visit to New York

The EU Cyber Diplomacy Fellowship, aimed to enhance global cooperation and contribute to the United Nations’ framework for responsible state behaviour in cyberspace, concluded this week after series of monthly activities with a visit to New York where the Fellows participated in the 8th United Nation’s session of the Open-ended Working Group (OEWG) on ICTs and several side-events.

Marcel Gerardino: “Technology has great value for advancing societies but in the wrong hands it has the potential to cause a lot of harm.”

Mini-interviews with EU CyberNet experts. Marcel Gerardino has been part of the Expert Pool for 3 years and has contributed to the work of EU CyberNet.

Conclusions from the Workshop to Strengthen Regional Cyber Norms Guidance through Practice-Based Approaches and the Case of Ransomware

EU CyberNet and LAC4 co-hosted on 8th July a workshop in New York in the premises of Estonian Mission to the UN to strengthen regional cyber norms guidance through practice-based approaches and the case of ransomware as a side-event of the UN Open-ended Working Group on ICTs together with RUSI, Estonia, Chile and the Dominican Republic.

EU Cyber Diplomacy Fellowship to conclude with the visit to New York

EU Cyber Diplomacy Fellowship (EU:CD Fellowship) will have its final activity this week with the fellows’ visit to New York to participate at the UN’s Open-Ended Working Group on ICTs.

C-DAYS Conference “+Prevention”: Level your skills UP to advance efforts in building cyber capacity worldwide

Cecilia Popa, Experts Lead of EU CyberNet, participated as a Keynote Speaker at the 10th edition of the C-DAYS conference on the topic of “EU projects for Skills”, highlighting the EU CyberNet’s skillset framework which forms the foundation of our Experts Pool deployed worldwide to build cyber capacity.

Panel: Cyber Resilience Builds on Situational Awareness, Trainings and Exercising

On 18 June the EU CyberNet’s Training and Services Lead Lauri Aasmann took part of the EuRepoC Conference 2024 “Promises & Pitfalls for the EU’s Cyber Foreign and Security Policy” which focused on the attribution capacities of EU and private actors; emerging hybrid threats; the EU’s role in capacity building; and the intricate relation between critical infrastructure protection and conflict resolution in Europe.