Securing Tomorrow: CyberFrontier Dialogues at the 5th Luxembourg-Poland Business Conference
The 5th Luxembourg-Poland Business Conference, held on 29th February 2024, at the Chamber of Commerce in Luxembourg, marked a significant milestone in fostering collaborative efforts between Poland and Luxembourg. Organised by LPCC in close collaboration with esteemed partners – Polish Investment & Trade Agency, Luxembourg House of Cybersecurity, Luxembourg Chamber of Commerce, the Embassy of Poland in Luxembourg, and the Embassy of Luxembourg in Poland, the conference centred around the critical theme of cybersecurity.
Diverse Panels Addressed Crucial Cybersecurity Challenges
The event commenced with a vibrant agenda, featuring engaging panel discussions, cutting-edge presentations, and expert insights into the challenges and advancements in cybersecurity. The audience was warmly welcomed by H.E. Mr Piotr Wojtczak, Ambassador of the Republic of Poland in Luxembourg, H.E. Mr Paul Schmit, Ambassador of the Grand Duchy of Luxembourg in Warsaw, Carlo Thelen, Managing Director of the Luxembourg Chamber of Commerce, Magda Lekan, Head of Foreign Trade Office in Amsterdam, Polish Investment and Trade Agency, and Artur Sosna, President of the Luxembourg Poland Chamber of Commerce (LPCC). These welcome speeches not only set an encouraging tone for the insightful discussions that followed but also highlighted the strong collaborative spirit between Poland and Luxembourg in addressing cybersecurity challenges.
Business Panel: Information Security in a Digital World
The Business Panel, moderated by Marek Graczyk from Eskom IT Sp. z o.o., delved into the evolving landscape of information security in a digital world.
First to the panel’s discourse was the crucial question: “How to build awareness?”. The responses unfolded a collective realization that cybersecurity is no longer confined to a technological realm; it has unequivocally become a business challenge.
Łukasz Gawron, Chairman of the Polish Cybersecurity Cluster #CyberMadeInPoland highlighted that cybersecurity goes beyond technical details, becoming an essential part of the overall business world.
Pascal Steichen, the CEO of Luxembourg House of Cybersecurity, articulated the need for comprehensive understanding and practical implementation of solutions. He underscored the importance of bridging the gap between awareness and tangible actions. He also introduced the concept of cyber exercises, emphasizing the value of immersing oneself in simulated cyber crises for practical learning experiences.
Sabika Ishaq, President of Women Cyber Force, contributed valuable insights by advocating for gender diversity and the implementation of mentorship programs. She echoed the sentiment that cybersecurity demands a holistic and inclusive approach, involving a spectrum of diverse skill sets, perspectives, and mindsets.
Katarzyna Nowak, Head of Unit at the National Cybersecurity Coordination Center Poland, urged the audience to examine AI from both perspectives, being aware of its disadvantages and potential security gaps. The consensus echoed by all was that AI functions for both defenders and attackers in the cybersecurity realm. Additionally, while discussing the perspective on the talent pool, she highlighted a critical concern – the shortage of cybersecurity experts on the market.
Izabela Taborowska, President of the Girls in Tech Foundation and CyberClue, addressing the question of who is responsible for providing cybersecurity, she emphasized a collective effort involving the government, managers, and every individual on a daily basis.
Key moments of the panel included perspectives on AI’s future role, and the consensus on the shared responsibility for cybersecurity across all levels of society. The panel concluded with a strong emphasis on education as a pivotal component in addressing the multifaceted challenges posed by the dynamic cybersecurity landscape.
Case Studies Panel: New Regulations and Practical Implementation
The Case Studies Panel, also moderated by Marek Graczyk, explored the practical aspects of implementing cybersecurity measures and adhering to new regulations. During the session, speakers shared real-world experiences in addressing challenges, particularly within the healthcare sector.
Jeremi Olechnowicz, Security Analyst at Centrum e-Zdrowie (e-Health Centre), highlighted the need to invest not only in tools but also in people and competencies. He drew attention to the prevalent lack of awareness in many places, emphasizing the importance of management maturity in understanding laws, regulations, and potential costs. Jeremi expressed concerns about the costs and time required for implementation of the regulations. He pointed out the challenge of keeping up with new regulations while addressing the persistent problem of inadequate implementation of existing ones.
Jacques Federspiel, Chief Information Security Officer at Hôpitaux Robert Schuman, emphasized the challenges and benefits of digitalizing patient cards, prompting a discussion about committees, regulations, and the comparison of cybersecurity practices in healthcare to other industries. Jacques highlighted the critical need for educating people and building a robust ecosystem to address cybersecurity challenges effectively.
The discussion also touched upon the importance of raising awareness about phishing attacks, providing necessary resources, and encouraging investments in cybersecurity at the government and hospital levels. The significance of cybersecurity awareness training, multi-factor authentication, and the strategic use of technical solutions were emphasized. The panel concluded with a consensus on the critical role of education, competencies, and strategic investments in building a resilient cybersecurity ecosystem, particularly in the healthcare sector.
Research and Innovation Panel: AI Transforming Cybersecurity
Moderated by Dr Carlo Duprel from Interdisciplinary Centre for Security, Reliability and Trust (SnT) at the University of Luxembourg, the Research and Innovation Panel was a profound exploration of the transformative impact of artificial intelligence (AI) on cybersecurity.
Marek Ostafil, Co-Founder of Cyberus Labs, brought a fresh perspective advocating for password-free user authentication and emphasizing that technology should serve people rather than requiring them to adapt to it. Additionally, he questioned the exclusive focus on EU-made cybersecurity solutions, suggesting a more inclusive approach that considers a broader spectrum of ideas, irrespective of geographical origins. His insights touched on the cultural and behavioral aspects of how individuals perceive and interact with digital security. Additionally, Ostafil touched upon global patent trends, specifically referencing the notable numbers in China and making a noteworthy mention of Japan during the discussion.
Carmelo Dimauro, Expert on Risk & Security Management from the National Cybersecurity Competence Center Luxembourg, delved into the intricate relationship between human factors and cybersecurity, emphasizing the underestimated role of humans in the middle of technical processes, advocating for risk management, procedural awareness, and the critical need for simplicity in communication. Dimauro stressed the importance of learning from past mistakes and urged for a comprehensive approach to cybersecurity, combining technical solutions with a focus on prevention, education, and awareness.
Prof. Dr Wojciech Jamroga, Research Scientist at the University of Luxembourg, Competence Hub in Research in Cybersecurity and Cyber Defence, provided invaluable insights into the evolution of cybersecurity technology, underlining the stagnation of basic concepts developed in times no longer relevant to today’s threats. He emphasized the urgency of adapting and changing these concepts to meet contemporary challenges. He also highlighted the central role of the human element in the cybersecurity landscape, emphasizing that the human is the ultimate goal of the existence of any system. In addition to these insights, he emphasized the importance of including security concerns in our day-to-day decision-making.
The discussion extended to risk management, procedural measures, and the application of research to real-world cybersecurity problems. The panelists addressed the challenge of cybercriminals staying ahead and debated the effectiveness of using AI for protection. They delved into the complexities of human perception in the digital world, the application of research in current cybersecurity issues, and the ethical considerations surrounding AI. The importance of communication in simple language, differentiation in addressing various target groups, and the necessity of aligning research with real-world problems were key takeaways.
Insightful FETTA Project Presentation
Dr Jean-Louis Huynen, a cybersecurity expert at CIRCL, delivered a compelling presentation on the FETTA Project, a collaborative initiative between Polish (CERT.PL) and Luxembourg (CIRCL) partners. The project aims to create a federated virtual Cyber Threat Intelligence (CTI) team, fostering collaboration on intelligence products across multiple national CSIRTs.
Project Objectives
FETTA’s objectives include boosting EU’s Cyber Threat Intelligence and reducing reliance on non-EU sources. It strives to create a federated virtual CTI team across multiple national CSIRTs, starting with CERT.PL and CIRCL. FETTA aims to foster the sharing of expertise, tools, and data, ultimately leading to the joint production of Cyber Threat Intelligence products.
Key Components: MISP, AIL, MWDB, and Cerebrate
The FETTA project incorporates key components like MISP, an open-source Threat Information Sharing Platform, which collects, normalizes, correlates, and enriches data. AIL, another component, is an open-source framework for collecting, crawling, and analyzing unstructured data. Additionally, MWDB and Cerebrate play crucial roles, with MWDB focused on information leaks and Cerebrate facilitating collaboration by serving as a contact information provider and community management tool.
Plan for FETTA
FETTA’s future plans include improving existing open-source tools, defining intelligence requirements and collaborative workflows, reducing duplication of work, and sharing specialist experience—all with a commitment to open-source principles.
Showcasing Innovative Companies
The conference featured pitch sessions from prominent Polish and Luxembourgish companies, providing a platform for them to present their cutting-edge solutions.
The companies included:
- Cyberclue: CyberClue delivers cybersecurity competences and supports employee development in the cyber domain. Offering diverse forms of cooperation, including body leasing, project-based collaboration, reskilling, training, and awareness campaigns, they provide SOC services and SIEM/SOAR systems for increased efficiency and protection against cyberattacks.
- Developico: Focused on optimizing business processes through the use of Low-Code/No-Code tools and Microsoft platforms, Developico simplifies, automates, and transforms. They consult on needs, requirements, and expectations, offering quick and substantive support from strategy and architecture to implementation.
- ProDevice: A global manufacturer of data destruction technologies, ProDevice offers high-quality, innovative solutions for safe and irreversible data removal. Specializing in degaussers and shredders/destroyers, they hold the “Cybersecurity Made in Europe” label from the European Cybersecurity Organization.
- Rublon: Enabling multi-factor authentication across networks, servers, endpoints, and applications, Rublon ensures secure access using hardware and software authenticators. Their customizable access policies adapt multi-factor authentication to individual needs, enhancing data protection and compliance.
- Stillsec: Specializing in cybersecurity and compliance, StillSec offers services such as pentesting, red teaming, regulatory compliance, supply chain cyber risk management, IT monitoring, incident response, and outsourcing of cybersecurity and compliance processes.
- Brainframe Technologies: A Luxembourg-based company, Brainframe Technologies provides an integrated solution for security, compliance, and regulatory processes. Combining ISMS, GRC, QMS, and DMS functionalities, their platform addresses security and compliance workloads, enhancing regulatory adherence and security posture.
- LU-CIX: The Luxembourg Internet eXchange, LU-CIX, supports the Internet and data center ecosystem in Luxembourg. As a not-for-profit membership association, LU-CIX provides national peering infrastructure and organizes the Luxembourg Internet Days, contributing significantly to the local ICT community.
- Safe Ai: SAFE AI specializes in advanced AI Surveillance Solutions, focusing on image and video anomaly detection. Their expertise includes face recognition, abnormal detection, and AI dataset production in the AI Surveillance domain.
These companies, presenting diverse technological solutions, contributed to the vibrant atmosphere of the conference, highlighting the innovative potential within the realms of cybersecurity and technology.
Contact Info & More Details in the Conference’s Brochure
Conclusion and Future Perspectives
The Luxembourg-Poland Business Conferences, initiated by the LPCC in 2018, serve as a flagship platform for fostering robust business relationships between Poland and Luxembourg. Over the years, these conferences have covered diverse topics such as Fintech and Regtech, Luxembourg-Poland Partnership in Space Business, Future of Logistics, and Sustainable Finances.
The milestone 5th Luxembourg-Poland Business Conference succeeded in fostering collaborative discussions, enriching insights, and establishing connections among industry leaders, experts, and innovators. The diverse panels, informative presentations, and engaging networking session collectively contributed to the event’s success, reinforcing the commitment to enhancing cybersecurity synergies between Poland and Luxembourg.
Please scroll down to view the video recap & photo gallery of the event.
Content curated by:
Oliwia Gertych,
LPCC Team
