Security Days 2025

People are the greatest asset for any organisation.

When a typical security incident occurs, most organisations have some level of plans and staff in place to begin an investigation, find out what happened, contain the issue and return to normal operation.

However what happens if the incident was caused by a member of staff making a mistake?

What if the incident involves some level...

The lightning talk will present the SOC4Academia toolbox, which has been published recently by the SOCCER project. It is a comprehensive set of documents aimed as a guide for academic organizations, such as universities, which are planning to establish a Security Operations Centre (SOC). It covers various topics, both organizational and technical, as well as a review of different technical...

In this Lightning Talk, we will explore the innovative cybersecurity initiative developed for GÉANT's Cybersecurity Month CSM24 campaign: a four-part animated video series that combines a gripping noir-style detective story with critical lessons on preventing cyber threats. The series follows Jake Doubt, the head of the CERT team at Guilder University, as he narrates the tale of a hacker...

The EUNIS InfoSec group is focused on the current challenges of the information security field. The changing threat landscape of academic IT as well as the recently renewed privacy legislation present new challenges for many higher education organizations. The InfoSec group aims to share knowledge about information security development and compliance, as well as solutions to support the...

For computer systems to communicate with each-other they go through 7
layers of communication (assuming the Open Systems Interconnection,
OSI model). From the user visiting a website in a web browser
(layer 7) all the way to the physical internet cables (layer 1). At
each layer, there are different protocols or measures involved for
improving the security of the communication.

There...

This talk will describe Jisc’s approach to creating a cyber security benchmark for the UK education and research sectors - and a summary of the high-level findings.

There is a lot hidden beneath the surface especially deep in the seas and the oceans. In the Submerse project we learn what it is to secure both infrastructure and content at the same time. Here we find a unique combination of infrastructure that generates data, some data being ultra sensitive. In this lightning talk I will cover the challenges we face when protecting this infrastructure.

The talk will introduce two initiatives in GN5-2 WP8 - the deployment of panEuropean NREN Networks of Honeypots based on acknowledged solutions the T-Pot (tpotce) and CESNET's Hugo which will lead to a research venture on the next-gen constituency customisable Honeypots powered by LLM (a.o. galah, belzebub).

In today’s threat landscape, DDoS attacks range from stealthy, low-and-slow methods like NoName057(16)’s proxy assaults to overwhelming volumetric campaigns like Eleven11bot’s multi-terabit floods. Traditional defenses struggle to scale across such extremes, leaving critical infrastructure vulnerable. Enter Deepfield Defender, a next-generation DDoS protection platform designed specifically to...

Cybersecurity can often feel like an overwhelming challenge, filled with complex jargon and ever-evolving threats. This session aims to demystify the process, demonstrating that while the fundamentals are straightforward, consistent effort and dedication are crucial for success. We'll explore how collaboration and partnership can help educational organizations and NRENs navigate the...

For AI training, you need GPUs, data and bandwidth between the two. But you also need resiliency and security. Unfortunately, GPUs are expensive and are usually concentrated in large clusters, not always close to your data!

Is it possible to build a data storage architecture that combines data security, sovereignty and resiliency on a European scale, while providing sufficient performance...

Proton Pass is a secure password manager developed by Proton, the creators of Proton Mail and Proton VPN. Proton Pass allows businesses to easily enforce and manage password security policies, protecting against breaches while improving their employees' online experience. Users can safely store and manage robust passwords, secure notes, and other sensitive information with end-to-end...

Critical Infrastructures (CIs) in key sectors like telecommunications, energy, maritime, and health increasingly depend on complex ICT systems and technologies such as industrial control systems, cloud, IoT, and Artificial Intelligence. Cyber-attacks on these infrastructures are on the rise, with the potential for severe consequences if successful. To address this growing threat, there is a...