"Pivnica Medvedgrad", a nice brewery/pub in the city centre, Ilica Street 49, Zagreb Google maps directions: https://maps.app.goo.gl/EjXGoumHD1rg8w1fA
We will meet in the pub, as we have a reserved space for our group.
Registration starts
Welcome from the Hosts, Organisers and Sponsors
MEETING ROOM: Business Showroom
Welcome to both groups:
- Hrvatski Telekom, 15' welcome speech & presentation - Mr. Andrija Višić, ETIS Central Office, "Updates from ETIS" (5 min speech) - Sponsors welcome: Spamhaus; Ripjar (3 min speech each)
Splitting into 2 groups
Introductions Roundtable
Meeting Room: Business Showroom
Company Updates
Meeting Room: Business Showroom
Each company is allocated 2 minutes to present recent challenges, threats, incidents, projects, and future plans. Also delivering expectations from this 2-day meeting. New members of the group may prepare a longer presentation.
Coffee Break
To-Be-Confirmed: "Developing logging and monitoring capabilities in the Network Logging domain"
Meeting Room: Business Showroom
Roundtable input (5-10 min long) from selected participants on:
- Current Logging and Monitoring Practices - Log Retention and Compliance - Security Information and Event Management (SIEM) used daily - Threat Detection & Response - Automation and Orchestration - Log Data Quality and Integrity - Evolving Threat Landscape - Future Needs and Innovation - Case Studies and Real-World Examples
Confirmed Presentations: - Dag Bredahl, Telenor Norway
Discovery Tooling and Security Tooling
Meeting Room: Business Showroom
Confirmed presentations: - "Blocking of IOCs in Security Tooling", by Mitchell Good, BT, 20' + Q&A - "Presentation on Discovery tooling for asset discovery and risk identification", by David Nairn, BT, 20' + Q&A
Lunch Break
Buffet Lunch in the Hilton hotel next to the venue
Incidents • sharing session on most recent experiences
Meeting Room: Business Showroom
Participants can prepare presentations on their experience with at least 1 recent incident. Any slides shared are expected to be sent to av@etis.org 3 working days in advance of the meeting, mentioning the TLP level.
Reserved slots: - "LockBit" Fabian Marquardt, Deutsche Telekom, 20' - "Aggregators", by Vodafone Germany, 30'
Coffee Break
SS7 security • updates on most recent threats
Meeting Room: Business Showroom
Members can prepare presentations of their most recent activities related to fighting threat actors on the SS7 security landscape.
Toolkits will be presented, along with advocacy activities related to a specific threat actor.
Please share presentation proposals with Andrija Višić at av@etis.org
Walking tour (finishing in the restaurant)
We will take a guided tour from the entrance of Hotel Dubrovnik (Location link: https://maps.app.goo.gl/fejPpsAADPpxTMM47) through the Zagreb old town and finalise our tour in the restaurant where we all meet for a community dinner.
Community Dinner in a nearby Restaurant
"SOL Tapas" restaurant, Ban Josip Jelacic Square 9, Zagreb, which is just a short walk away from the Hotel Dubrovnik or at the end of our walking tour if you are joining us for the tour.
Google Maps Directions: https://maps.app.goo.gl/f26eQxeq6XDMFmaD8
Joint Session with Anti-Abuse working group: "Various topics"
Meeting Room: Business Showroom
Reserved slots (including Q&A):
- "The Croatian Telecom SOC", Pero Kristic, Combis d.o.o., 20'
- "Navigating the NIS2 Directive: Strengthening Cybersecurity in the EU", Kristina Orsanic Kopic, Combis d.o.o., 20'
- Developing better AI and LLM/Chat style solutions, Matt Chinnery, Ripjar, 20'
- Update from ETIS Central Office, Andrija Visic, ETIS Central Office, 10'
Coffee Break
Joint Session for both Groups: "Suppliers' Demos"
Meeting Room: Business Showroom
Each sponsor of the ETIS meeting will have a 15' slot + Q&A
- Ripjar, 15'
Splitting into 2 groups
CERT-SOC: Meeting Room: Business Showroom AAWG: Meeting Room: Big One
Cyber Threat Intelligence and Emerging Threats
Meeting Room: Business Showroom
Presentation 1: "Quad7 Botnet und Entra ID attacks", by Fabian Marquardt, DT, 30'
Presentation 2: GTP security, Alexandre De Oliveira, Post Luxembourg, 15'
Discussion, 10'
Lunch Break
Buffet Lunch in the Hilton hotel next to the venue
Presentations from Hrvatski Telekom
Meeting Room: Business Showroom
Suggested: - "CoPilot Experiences in telco security departments", (TBC) -
How Cyber Exercises are organised in European telcos
Meeting Room: Business Showroom
Please share presentation proposals with Andrija Višić at av@etis.org
A mix of presentations (KPN) and table top exercises ("Backdoor breaches Card Game", Swisscom) for all attendees of the CERT-SOC WG
Presentation from Arnim Eijkhoudt, KPN on the ways to use the ETIS MISP (10')
Wrap up, Outstanding Questions & Future Topics
Meeting Room: Business Showroom
Roundtable: What to discuss in our next ETIS CERT-SOC WG meeting?
Informal dinner&drinks in Zagreb
"Pivnica Medvedgrad", a nice brewery/pub in the city centre, Ilica Street 49, Zagreb Google maps directions: https://maps.app.goo.gl/EjXGoumHD1rg8w1fA
We will meet in the pub, as we have a reserved space for our group.
Registration starts
Welcome from the Hosts, Organisers and Sponsors
MEETING ROOM: Business Showroom
Welcome to both groups:
- Hrvatski Telekom, 15' welcome speech & presentation - Mr. Andrija Višić, ETIS Central Office, "Updates from ETIS" (5 min speech) - Sponsors welcome: Spamhaus; Ripjar (3 min speech each)
Splitting into 2 groups
Introductions Roundtable
Meeting Room: "Big One"
Company Updates + Presentation of a Telco Frauds Landscape
Meeting Room: "Big One"
Each company is allocated 2 minutes to present recent challenges, threats, incidents, projects, and future plans. Also delivering expectations from this 2-day meeting.
Coffee Break
Anti-Abuse Best Practice Sharing • Roundtable of Topics of Interest
Meeting Room: "Big One"
All participants to prepare for discussion on the following topics, showcasing some of their best practices with or without slides:
- "Advanced Techniques in SIM Swap Prevention": Discussing the latest methods to detect and prevent SIM swap attacks (Dag Eng, Telenor Norway, 5')
- "Combating Robocalls and Phone Spoofing": Exploring innovative technologies and regulatory frameworks (Dag Eng, Telenor Norway 5')
- "AI and Machine Learning in Fraud Detection": Leveraging AI and machine learning algorithms
- "Secure Identity Verification Methods": Enhancing customer authentication processes without compromising user experience
- "Fraudulent Account Takeovers and Credential Stuffing"
+ Presentation on StopPhishing project, by Michael Van Landeghem, Proximus
Lunch Break
Buffet Lunch in the Hilton hotel next to the venue
Session 4: Telecom Fraud and Scam Awareness: Global Perspectives
Meeting Room: "Big One"
Please share presentation proposals with Andrija Višić at av@etis.org
1. Presentation: "Abusix Global Reporting Project" - presentation of the collaboration with ETIS, Tobias Knecht, Abusix CEO
2. Presentation: "Who is facilitating the facilitators?", Emanuele Balla, Spamhaus
Coffee Break
E-Mail Authentication and Anti-Spam Measures
Meeting Room: "Big One"
Please send presentation proposals to Andrija Visic at av@etis.org
Reserved slots: - "Working with authorities to shut down major smishing campaigns", Lauri Ramo, Elisa, 20'
Walking tour (finishing in the restaurant)
We will take a guided tour from the entrance of Hotel Dubrovnik (Location link: https://maps.app.goo.gl/fejPpsAADPpxTMM47) through the Zagreb old town and finalise our tour in the restaurant where we all meet for a community dinner.
Community Dinner in a nearby Restaurant
"SOL Tapas" restaurant, Ban Josip Jelacic Square 9, Zagreb, which is just a short walk away from the Hotel Dubrovnik or at the end of our walking tour if you are joining us for the tour.
Google Maps Directions: https://maps.app.goo.gl/f26eQxeq6XDMFmaD8
Joint Session with Anti-Abuse working group: "Various topics"
Meeting Room: Business Showroom
Reserved slots (including Q&A):
- "The Croatian Telecom SOC", Pero Kristic, Combis d.o.o., 20'
- "Navigating the NIS2 Directive: Strengthening Cybersecurity in the EU", Kristina Orsanic Kopic, Combis d.o.o., 20'
- Developing better AI and LLM/Chat style solutions, Matt Chinnery, Ripjar, 20'
- Update from ETIS Central Office, Andrija Visic, ETIS Central Office, 10'
Coffee Break
Joint Session for both Groups: "Suppliers' Demos"
Meeting Room: Business Showroom
Each sponsor of the ETIS meeting will have a 15' slot + Q&A:
- Ripjar, 15'
Splitting into 2 groups
CERT-SOC: Meeting Room: Business Showroom AAWG: Meeting Room: Big One
Communication and Engagement with Customers to Prevent Fraud and Abuse
Meeting Room: "Big One"
Please share presentation proposals with Andrija Višić at av@etis.org
Reserved slots: - "Elisa's approach to customer communication about fraud", Lauri Ramo, Elisa, 20'
- "SISA 10th Anniversary & using www.ibarry.ch for helping your customers", from an abuse desk perspective, Presentation from Thomas Lademann, Swisscom, 20'
Lunch Break
Buffet Lunch in the Hilton hotel next to the venue
Roundtable discussion: "How to share vast amounts of useful 'attack data' telcos hold"
Meeting Room: "Big One"
Roundtable: What are some ways you might be aware of, for distributing 'attack data' to the various ISPs – so proper cleanups can be made?
Best Practices in Utilizing and Supporting Open Source Solutions
Meeting Room: "Big One"
Please share presentations with Andrija Višić at av@etis.org
Wrap up, Outstanding Questions & Future Topics
Meeting Room: "Big One"
Roundtable: What to discuss in our next ETIS Anti-Abuse WG meeting?
TBC: Capture The Flag Competition for conference participants
Details to be shared soon as well as application form.