Cyberwal in Galaxia

2024 Cyberwal in Galaxia Program

This school is free of charge* (registration below)

02 – 06 December 2024 (end of registrations on 25/11)

This program will take place on the Galaxia site in Transinne which, together with the European Space Agency (ESA) and the ESEC Centre in Redu (5 km away), forms a leading Space center in Europe.

Together for Cybersecurity - Investing in cybersecurity for a secure future -

Together for Cybersecurity - Investing in cybersecurity for a secure future -

The first International School linked to the Cyberwal initiative welcomes its third cohort with more than 200 European participants expected, this December 2nd, in the province of Luxembourg.

To address cybersecurity challenges and cybercrime threats, Wallonia has launched a cybersecurity policy named “Cyberwal by Digital Wallonia.” This initiative, part of the Walloon Recovery Plan, supports specific actions including research, innovation, and education within an “excellence hub”.

This school is the result of the ambition and determination of IDELUX and its partners. The goal is to develop a high-level international training center over the long term, under the authority of a scientific committee chaired by Mr. Axel LEGAY, Professor of Cybersecurity at UCLouvain, in response to the needs of institutions (such as ESA), businesses, public authorities, and more broadly, civil society.

The Cyberwal initiative positions the Wallonia Region as one of the key players in Belgian regional cybersecurity policy. It is notable that the vision of IDELUX and its partners is quickly becoming a reality, evolving quickly to meet current and future cybersecurity challenges at both national and transnational levels.

The goal is indeed to rapidly elevate Wallonia to a position of global excellence in cybersecurity and to ensure future editions of the “Cyberwal in Galaxia Program” achieve a European dimension of excellence by directly linking them with the ever-evolving needs of the international cyber ecosystem.

It is in the ESEC Centre in Redu that ESA has decided to base its cybersecurity center, which will ensure the cyber protection of the Agency’s ground and airborne activities.

Cyberwal in Galaxia

Speakers

The objective of the organizers is to position these courses as a high level of education, on a European scale, and to link them directly to the needs of the cyber ecosystem.

Philippe Massonet
Scientific Coordinator at CETIC
Find out more
Pascal Rogiest
Managing Director of the Cybersecurity Division of RHEA Group, Chief Strategy Officer of RHEA Group, Vice President of RHEA Belux
Find out more
Michele MOSCA
Co-founder and deputy director of the Institute for Quantum Computing at the University of Waterloo, CEO & co-founder of evolutionQ
Find out more
Robert Bedington
Co-Founder & CTO
Find out more
Bart Preneel
Full Professor, KU Leuven
Find out more
Nicolas Noël
Director, Cyber Risk Advisory
Find out more
Etienne Caron
Manager, Cyber Risk Advisory
Find out more
Maxime Cordy
Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT)
Find out more
Previous slide
Next slide

Cyberwal in Galaxia

Key
speakers

The objective of the organizers is to position these courses as a high level of education, on a European scale, and to link them directly to the needs of the cyber ecosystem.

Gilles Brassard

Professor of Montreal University

Kim Guldstrand Larsen

Professor at Aalborg University, Department of Computer Science, Denmark

Cyberwal in Galaxia

Speakers

Bart Ansot

National Security Officer
Thales_Logo

Adrien Becue

AI & Cybersecurity Expert

Etienne Caron

Manager, Cyber Risk Advisory

Maxime Cordy

Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT)
logion noir

Gérard Dethier

CTO

Vincent Defrenne

Partner, Cyber Strategy & Architecture
image (13)

Eleni Diamanti

CNRS Research Director
Universite de liege

Benoît Donnet

Professor

Thierry Draus

Vice President, Business Development

Jordi Guijarro

Principal Technologist for Cloud-Edge Innovation

David Jaroszewski

Senior advisor on digital transformation and innovation
SM_logo_ORGNL_POS_baseline

Harold Kinet

CEO

Seid Koudia

Research Associate
logo_CNR_affiancato

Fabio Martinelli

Research Director

Philippe Massonet

Scientific Coordinator at CETIC

Aloïs Moubax

Program Manager, DigitalWallonia4.Trust

Nicolas Noël

Director, Cyber Risk Advisory

Mike Papadakis

Associate Professor
LOGO_Universite__libre_bruxelles

Stefano Pironio

FRS-FNRS Research Director
Thales_Logo

Jonathan Pisane

Innovation & Product Policy Manager

Nicolas Point

Head of the IT Department

Bart Preneel

Full Professor, KU Leuven

Patrick Renaux

Senior cybersecurity architect
RGB_CLARENCE_LOGO_HORIZONTAL_POS

Pascal Rogiest

General Manager
university

Ahmad-Reza Sadeghi

Professor. Dr.-Ing
logion noir

David Schmitz

Founder
Proximus NXT logo

Kristof Spriet

Product Owner Smart & Secure Networks

Didier Stevens

Senior Analyst
Proximus NXT logo

Wim Van Vossel

Technology Strategy & Innovation Manager

President of the Scientific Committee

Axel Legay

Professor of Cybersecurity - UCLouvain, Coordinator of Cyberwal

Our Program for the 5 days

The program includes theoretical & practical courses.
A break is scheduled every day in the morning and afternoon.

The program has even more surprises in store for you. Stay tuned for more information coming soon!

The next editions of Cyberwal in Galaxia Program are already planned for 2025.

  • Day 1

    Monday 02/12

  • Day 2

    Tuesday 03/12

  • Day 3

    Wednesday 04/12

  • Day 4

    Thursday 05/12

  • Day 5

    Friday 06/12

Sold out

AI and Cybersecurity day 2024

The rise of artificial intelligence (AI) is having a profound impact on our society. During 2024, AI continues to be rapidly integrated into various sectors, each leveraging the technology to improve efficiency, reduce costs, and provide better services. The use of AI has expanded across industries, but some sectors have seen particularly high levels of adoption and integration such as healthcare (diagnostics, drug discovery, personalized medicine, predictive analytics), finance and banking (fraud detection, algorithmic trading, credit scoring, customer service), retail and e-commerce (personalized recommendations, inventory Management, customer service, pricing optimization), manufacturing and industry 4.0 (predictive maintenance, quality control, supply chain optimization, robotics and automation), automotive and transportation (autonomous vehicles, driver assistance systems, logistics and fleet management, predictive maintenance), energy and utilities (Smart Grid management, predictive maintenance, energy consumption optimization, renewable energy management), telecommunications (network optimization, predictive maintenance, customer support, fraud detection) and education (personalized learning, automated Grading, tutoring systems, administrative efficiency). AI is having impact and driving innovation by providing improved efficiency, increased productivity, better decision-making, improved healthcare, or environmental sustainability.

AI research has advanced in 2024 with advancements in Large Language Models (more powerful models, fine-tuning and adaptability, reduced hallucinations), generative AI and multimodal models (image and text integration, video and audio generation, creative applications).

 However as AI and machine learning systems become more prevalent and integral to various applications, they also become more attractive targets for cyberattacks. Some of the new and evolving cybersecurity threats to AI and machine learning in 2024 are adversarial attacks, data poisoning, model inference attacks, model evasion attacks, backdoors attacks, membership inference attacks, federated learning Attacks, supply chain attacks and cloud infrastructure attacks. Cybersecurity is important for AI because AI systems are increasingly being used in critical infrastructure, such as power grids and transportation systems. If these systems are hacked, it could have a devastating impact on society.

The objective of the day is to present some key research topics at the intersection of AI and cybersecurity in the form of short tutorials or research presentations. The day will address topics on how AI is being used for threat identification, protection, detection, response and recovery. More specific topics such as Explainable AI for malware analysis, AI based AI-powered anomaly detection, AI-powered malware detection and AI-powered incident response will also be addressed.

09:00 AM – 10:00 AM

REGISTRATIONS

10:00 AM – 10:05 AM

Introduction

  • AI in Cyber Security leverages the industrial cyber security  power of machine learning and data analysis to augment traditional security measures.
  • Zero Trust Architecture brings a new security level in OT/ICS environment.
  • How can the Industrial Metaverse help to secure our Industry 4.0 ?
Philippe Massonet
Philippe Massonet - Scientific Coordinator at CETIC
TijlAtoui
Tijl Atoui - Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
David Prada

10:05 AM – 11:00 AM

Statistical Model Checking for Secure Cyber-Physical Systems

Cyber-physical or IoT systems are ubiquitous in modern society, and involve computational devices monitoring and controlling complex physical systems.  The computational devices are often constrained by computational power, memory, and energy consumption, and are increasingly used in critical industrial systems. Clearly  the safety and security of such systems is of the utmost importance.  In this talk we will present a number of settings, where so-called Statistical Model Checking (SMC) — supported by the award-winning tool UPPAAL (www.uppaal.org) – has been used to identify and quantify potentially security side-channel attacks.

In order to formally specify security-related properties—such as non-interference—one cannot purely rely on traditional trace-based specification formalisms such as Linear Temporal Logic (LTL).  The reason is that they relate the events of two (or more) traces of the system, and LTL can only reason on one execution at a time. So-called hyper-property extensions of LTL has been proposed.  Within UPPAAL  a real-time and probabilistic hyper-logic (HPSLT) has been implemented and used to identify three types of side-channel attacks.

DTLS is a protocol that is widely used by IoT devices, including critical industrial IoT systems, as the transport layer for secure and authenticated communication. A formal model of  DTLS has been made, and   the statistical model checking engine of UPPAAL has been used to  analyse, evaluate, and optimise energy consumption for the protocol. In particular different network scenarios has been considered identifying how energy consumption is highly dependent on the specific usage scenario.  Addressing security issues the model has been extended with an active attacker trying to drain as much energy as possible from the target system by (ab)using DTLS.  Analysing and preventing such Denial of Service attacks is essential for critical systems.

Finally, we will report on use of the statistical model checking engine of UPPAAL for analysing impact of bit-flips in security critical code.

AI has revolutionized cybersecurity, enabling advanced capabilities such as the detection of malware, vulnerabilities and fraud. Yet, as AI empowers defenders, it also empowers attackers. The dark side of AI reveals a landscape where malicious actors harness AI for spear phishing, automated cyberattacks, misinformation, and deepfakes. Moreover, AI itself becomes a target, as shown by adversarial machine learning and model poisoning attacks. Finally, there are concerns about AI creating a dystopia.

The talk further delves into novel technologies such as attribution (watermarking) and computing on encrypted data that can play a role in mitigating some of these risks.

Overall, there is a need for a multidisciplinary approach encompassing technology, regulation, and ethics to effectively address the challenges presented by the intricate relationship between AI, cybersecurity and privacy.

Larsen
Kim Guldstrand Larsen - Professor at Aalborg University, Department of Computer Science, Denmark
TijlAtoui
Tijl Atoui - Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
David Prada

 11:00 AM – 11:45 AM

Machine Learning Security in the Real World

Adversarial attacks are considered as one of the most critical security threats for Machine Learning (ML). In order to enable the secure deployment of ML models in the real world, it is essential to properly assess their robustness to adversarial attacks and develop means to make models more robust. Traditional adversarial attacks were mostly designed for image recognition and assume that every image pixel can be modified independently to its full range of values.

In many domains, however, these attacks fail to consider that only specific perturbations could occur in practice due to the hard domain constraints that delimit the set of valid inputs. Because of this, they almost-always produce examples that are not feasible (i.e. could not exist in the real world). As a result, research has developed real-world adversarial attacks that either manipulate real objects through a series of problem-space transformations (i.e. problem-space attacks) or generate feature perturbations that satisfy predefined domain constraints (i.e. constrained feature space attacks). In this talk, we will review the scientific literature on these attacks and report on our experience in applying them to real-world cases.

Maxime Cordy
Maxime Cordy - Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT)
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker

11:45 AM – 12:00 PM

COFFEE BREAK

12:00 PM – 01:00 PM

Turing's Echo on Deceptive Machines: The Challenge of Distinguishing Human and AI Creations

As generative AI models evolve, distinguishing between human-generated and AI-generated content is becoming increasingly challenging, threatening trust across various domains such as misinformation in media, political campaigns, legal accountability, scientific integrity, and cybersecurity. Distinguishing between machine and human outputs will be vital because, in the dystopian future, machines will potentially rise against humans.

This talk explores methods and technologies for identifying the origin of content, focusing on audio and text. We highlight the limitations of current models in detecting subtle differences between human-generated and AI-generated content. Our work augments physical principles, such as the Micro Doppler Effect, with machine learning frameworks. This integration incorporates prior input data knowledge into the model, enhancing detection and reducing biases in generated content. Finally, we discuss ongoing challenges and future research directions in this dynamic field.

Ahmad-Reza Sadeghi
Ahmad-Reza Sadeghi - Professor Dr.-Ing. at technische universität darmstadt
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker

01:00 PM – 02:00 PM

LUNCH TIME

02:00 PM – 03:30 PM

Explainable ML for malware analysis

The talk addresses the growing complexity of malware by exploring advanced detection and analysis techniques, focusing on both static and dynamic approaches. The lecture highlights the strengths and limitations of each approach and discusses their combination to improve detection accuracy. A  method of representing malware as images is introduced, allowing the application of image processing and machine learning techniques to detect malicious patterns, offering advantages over traditional methods. The importance of explainability in malware detection is advocated by using such approaches.

Fabio Martinelli - Research Director at National Research Council of Italy
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker

03:30 PM – 03:45 PM

COFFEE BREAK

03:45 PM – 04:30 PM

Cybersecurity threat landscape, Microsoft's view on the current and future secure state

During this session, Microsoft will show their view on the threat landscape and how is has evolved throughout the years using geopolitical challenges, technical advancements by integrating cutting-edge technologies into their attacks and how we should prepare, defend and collaborate as one to become more resilient and secure in this ever-changing world

BartAsnot
Bart Asnot - National Security Officer at Microsoft
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker

04:30 PM – 05:15 PM

Artificial Intelligence Deployable Agent (AIDA)

Contemporary combat systems carry an increasing amount of tactical computing and electronics potentially vulnerable to cyber-attacks. While current cyber-defense operations address in non-real time the needs for detection and response to cyber incidents affecting traditional IT systems, securing the fast expanding Internet of Military Things (IoMT) requires very short response times, and accurate decision making under strong operational, computing and energy constraints. The deployment of efficient detection and response capacities on embedded systems requires the design of lightweight resident Artificial Intelligence (AI) agents, trained specifically for these environments and capable of automating the detection and response loop in the absence of timely available human expertise. NATO’s IST-152 Research Task Group (2016-2020) on “Intelligent, Autonomous and Trusted Agents for Cyber Defense and Resilience” (AICA) initiated this concept between 2016 and 2020. The research yielded an AICA Reference Architecture (Kott et al., 2018). Later, an international working group formed to continue work on AICA (see https://www.aica-iwg.org/). Yet this highly conceptual architecture was not yet set into practice. The growing use of Unmanned Vehicles (UxV) in modern conflicts however revives the need for time sensitive autonomous decision at the edge of systems evolving in environments saturated with Cyber-Electromagnetic Threats (CEMA). To reduce UxVs exposure and augment their chances of survival in contested battlefield, remote control is progressively replaced by individual (autonomous) and collective (swarm) intelligent navigation techniques. While AI is seen as an essential capability for the survival of these proliferating objects, adversarial AI discipline unveils targeted evasion techniques to lure and hide from embedded AI. In short we need cyber-defense agents that are altogether frugal, accurate, adaptive, explainable, collaborative, and robust. This is the challenge addressed by AIDA project.

The proposed solution relies on three types of AI agents: a white agent, a red agent, and a blue agent. The white agent is a foundation model that is trained against massive data to develop a broad set of human-like capacities such as threat analysis, detection rule edition, incident qualification and response planning. Cyber-defense analysts prompt a Large Language Model (LLM) upon identification of new threats to produce tailored detection rules and response plans in seconds instead of hours. A Retrieval Augmented Generation (RAG) procedure restricts LLM sources to qualified knowledge bases. A reward system based on human feedback reinforces the model toward good decisions. From this white agent, smaller, more specialized agents will be derived that aim to perform narrow cyber-defense routines at the edge of IoMT. Unlike the white agent, blue agents need to operate in resource-constrained environment in an autonomous manner. We will use pruning and unlearning techniques to minimize the resource requirements of blue agents and obfuscation techniques to reduce their exposure to reverse engineering. Wherever needed, they will be fine-tuned to their environment of destination across land, sea, air, space and cyber domains. Yet as we may lack quantitative attack data, we will craft a third type of agent, whose role will be to generate attacks. The red agent will be trained in a simulated environment placed in adversarial setup with blue agents to develop offensive AI strategies. This Generative Adversarial Networks (GAN) setup will reinforce blue agents’ successful defense strategies, challenge their individual and collaborative defense objectives, and strengthen their robustness towards evasion attacks.

To conclude, the AIDA system involves an LLM (white agent), adversarial generative AI (red agent) and a Multi-Agent System (blue agents) in mission-critical activities landing in 5 military domains. Among other applications, the system aims to protect combat aircraft against CEMA threats with severe safety implications. Continuous improvement and responsible use of AI are enabled by reinforcement learning and RAG techniques. It reduces the exposure of modern military systems to emerging risks such as adversarial AI attacks.

Adrien Becue
Adrien Becue - AI & Cybersecurity Expert at THALES
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker
Sold out

Quantum Day

08:30 AM – 09:00 AM

REGISTRATIONS

09:00 AM – 10:30 AM

Cybersecurity in our quantum age

Although practised as an art and science for ages, cryptography had to wait until the mid-twentieth century for Claude Shannon to endow it with a rigorous mathematical foundation. However, Shannon’s approach was rooted in his own information theory, itself inspired by the classical physics of Newton and Einstein. Yet, the world in which we live is subject to the laws of quantum theory, no matter how bewildering, whose experimental verification half a century ago was rewarded in 2022 by the Nobel Prize in Physics. When quantum theory is taken into account, new vistas open up both for codemakers and codebreakers. Is this a blessing or a curse for cybersecurity? Quantum computers will soon be capable of computations that would be unthinkable for a conventional computer, which will seriously undermine the so-called security of Internet communications as we practise them today. Nevertheless, the same quantum theory gives rise to new cryptographic paradigms that are in principle invulnerable to arbitrary attacks, even by an adversary capable of harnessing unlimited computing power and technology. However, this unconditional security requires quantum cryptography to be implemented according to the theory, which is very challenging. Will the cat-and-mouse game between codebreakers and codemakers soon reach a decisive outcome? As we shall see, the jury is still out! 

No prior knowledge in cryptography or quantum theory will be assumed. Please note that this talk will be given in French, with slides written in English. 


Gilles Brassard - Professor of Montreal University

10:30 AM – 10:45 AM

COFFEE BREAK

10:45 AM – 12:15 PM

Cybersecurity in our quantum age

Although practised as an art and science for ages, cryptography had to wait until the mid-twentieth century for Claude Shannon to endow it with a rigorous mathematical foundation. However, Shannon’s approach was rooted in his own information theory, itself inspired by the classical physics of Newton and Einstein. Yet, the world in which we live is subject to the laws of quantum theory, no matter how bewildering, whose experimental verification half a century ago was rewarded in 2022 by the Nobel Prize in Physics. When quantum theory is taken into account, new vistas open up both for codemakers and codebreakers. Is this a blessing or a curse for cybersecurity? Quantum computers will soon be capable of computations that would be unthinkable for a conventional computer, which will seriously undermine the so-called security of Internet communications as we practise them today. Nevertheless, the same quantum theory gives rise to new cryptographic paradigms that are in principle invulnerable to arbitrary attacks, even by an adversary capable of harnessing unlimited computing power and technology. However, this unconditional security requires quantum cryptography to be implemented according to the theory, which is very challenging. Will the cat-and-mouse game between codebreakers and codemakers soon reach a decisive outcome? As we shall see, the jury is still out! 

No prior knowledge in cryptography or quantum theory will be assumed. Please note that this talk will be given in French, with slides written in English. 


Gilles Brassard - Professor of Montreal University

12:15 PM – 01:15 PM

LUNCH TIME

01:15 PM – 02:00 PM

BeQCI and device-independent quantum key distribution

This presentation provides a brief introduction to the Belgian Quantum Communication Infrastructure (BeQCI) project, part of the European EuroQCI initiative aimed at advancing secure quantum communication networks across Europe. In addition to building infrastructure, BeQCI is driving research into future-proof quantum key distribution (QKD) protocols. Specifically, we will explore Device-Independent (DI) QKD, a cutting-edge approach to quantum cryptography that leverages Bell inequalities, recognized with the 2022 Nobel Prize in Physics. By eliminating certain security assumptions, DI QKD offers unprecedented levels of security beyond current QKD protocols. Attendees will gain insights into the future potential of DI and semi-DI QKD to enhance information security in the quantum era. Join us to discover how these advancements are pushing the boundaries of secure communication.

pironio
Prof. Stefano Pironio - FRS-FNRS Research Director at ULB

02:00 PM – 02:45 PM

Eagle-1 : QKD in practice and build-up of users communities

The EAGLE-1 mission aims to develop Europe’s first sovereign, end-to-end space-based Quantum Key Distribution (QKD) system. Led by SES in collaboration with the European Space Agency (ESA) and various European space agencies and private partners, the mission will feature a state-of-the-art QKD system comprising a payload aboard the EAGLE-1 Low Earth Orbit (LEO) satellite, optical ground stationsquantum operational networks, and a key management system. EAGLE-1 marks a significant milestone in next-generation quantum communication infrastructure, providing crucial technical insights and mission data while contributing to the EuroQCI program‘s development. It offers a unique opportunity for public and private entities to test and validate end-to-end Quantum Safe solutions through satellite-based QKD.

Thierry Draus
Thierry Draus - Vice President Business Development at SES

02:45 PM – 03:30 PM

Quantum Technologies for Communications Systems

In this talk, we will explore the exciting advancements in quantum technologies and their transformative impact on communication systems. Starting with an introduction to the Second Quantum Revolution, we will delve into key developments, such as Quantum Communications Infrastructure and Quantum Key Distribution (QKD), which are poised to enhance data security and revolutionize the way we exchange information. Next, we will discuss the concept of the Quantum Internet, a futuristic network leveraging quantum principles for unprecedented communication capabilities. We will also cover Quantum Optimization techniques and their application to solving complex communication challenges, especially within large-scale and evolving networks like 6G.  Finally, we will conclude with prespectives and open research problems offering a roadmap for the development and integration of quantum technologies in the years ahead.

seid koudia
Seid Koudia - Research Associate at University of Luxembourg

03:30 PM – 04:15 PM

Fast and Practical integrated quantum communications systems

FranceQCI and its challenges

We discuss current efforts towards the deployment of a national quantum communication infrastructure in France. These include technologies under development in our academic laboratories as well as benchmark demonstrations at the testbeds in operation in the Paris and Nice regions involving industrial actors spanning the telecom operator, cybersecurity, QKD system provider, photonics and space sectors. We also discuss current challenges in the field of quantum communication and future perspectives.

Eleni Diamanti
Professor Eleni Diamanti - CNRS Research Director at Sorbonne University
Prof. Hugo Zbinden - University of Geneva

04:15 PM – 04:30 PM  

COFFEE BREAK

04:30 PM – 05:15 PM

INT-UQKD : cross-border QKD

Through a set of business-driven use cases, INT-UQKD (“International Use cases for Operational QKD Applications & Services”) will provide global quantum safe communication services upon a hybrid space-terrestrial quantum key distribution (QKD) backbone. By leveraging the QKD technology, together with other classical and post-quantum cryptographic protocols to deliver a practical environment that can be used in the current commercial context, INT-UQKD safeguards the secure exchange of information, the long-term protection of stored data, and the protection of critical infrastructure in the post quantum age.

Thanks to its hybrid space and terrestrial network, INT-UQKD will demonstrate a global quantum safe communication between Redu (Belgium), Windhof (Luxembourg) and Singapore. As INT-UQKD architecture is designed with scalability and interoperability mind, it allows the incorporation of future extensions. These extensions will expend both INT-UQKD geographical reach and operational capabilities, aiming at implementing a resilient, flexible and manageable ecosystem with global coverage enabling quantum secure communication and cryptographic services for private and governmental users.

Patrick Renaux
Patrick Renaux - Senior cybersecurity architect

05:15 PM – 06:15 PM

Presentation of Quantum Demonstrator of GALAXIA in Transinne (Thales Belgium)

Presentation of Quantum Demonstrator of GALAXIA in Transinne (Thales Belgium)

Pisane Jonathan
Jonathan Pisane - Innovation & Product Policy Manager at Thales Belgium

9:00 AM – 9:30 AM

REGISTRATIONS

09:30 AM – 12:30 PM

Poster session (Abstract)

The 3rd edition of the Cyberwal in Galaxia Program will feature an exciting poster competition where 30 posters will be showcased. The best poster will be honored with an Award, which will be presented during the ceremony scheduled for Wednesday, 12/04, in the late morning. An expert jury, consisting of 10 professionals renowned in their fields, will select the winner of this Cybersecurity Award.

Beyond the competition, the poster session offers an exceptional opportunity for participants to present their innovative research and hone their scientific communication skills in front of a diverse audience, including business representatives. This session is much more than a mere contest: it is a true exchange platform. It enables participants to connectshare ideas, and enrich the international cybersecurity community.

We warmly invite studentsresearchers, and professionals to participate in this enriching event. Discover the latest innovations, share your expertise, and immerse yourself in an environment of collaboration and innovation. Join us to celebrate excellence in cybersecurity and contribute to a tradition of impact and continuous progress.

12:30 PM – 01:30 PM

LUNCH TIME

01:30 PM – 03:00 PM

Introduction

A meticulously designed CTF challenge that push the boundaries of conventional cybersecurity knowledge. Attendees will be able to revel in the opportunity to listen to and interact with esteemed experts from the cybersecurity domain, each bringing a wealth of experience and fresh perspectives.

Complementing these, our hands-on demonstrations promise a deep dive into the latest technologies and methodologies, forging a link between academic theories and their tangible, real-world implementations. Join us for a comprehensive exploration of the future of cybersecurity.

Deloitte will invite keynotes speakers to develop on concise and insightful talk on a relevant cybersecurity topic and allow some time for questions and answers.

Nicolas Noël 
Nicolas Noël  - Director, Cyber Risk Advisory at Deloitte
Etienne Caron
Etienne Caron - Manager, Cyber Risk Advisory at Deloitte

03:00 PM – 03:15 PM

coffee break

03:15 PM – 04:45 PM

A meticulously designed CTF challenge that push the boundaries of conventional cybersecurity knowledge. Attendees will be able to revel in the opportunity to listen to and interact with esteemed experts from the cybersecurity domain, each bringing a wealth of experience and fresh perspectives.

Complementing these, our hands-on demonstrations promise a deep dive into the latest technologies and methodologies, forging a link between academic theories and their tangible, real-world implementations. Join us for a comprehensive exploration of the future of cybersecurity.

Deloitte will invite keynotes speakers to develop on concise and insightful talk on a relevant cybersecurity topic and allow some time for questions and answers.

Nicolas Noël 
Nicolas Noël  - Director, Cyber Risk Advisory at Deloitte
Etienne Caron
Etienne Caron - Manager, Cyber Risk Advisory at Deloitte

08:30 AM – 09:00 AM

REGISTRATIONS

09:00 AM – 12:15 PM

An Introduction to Smart Contracts Security

This session focus on security aspect of modern financial transactions above blockchains: smart contracts. To do so, the first part of the session will review key theoretical concepts, such as cryptography, hashing, signature, fingerprint, merkle tree) before diving into the notion of block chain and smart contracts.  The Solidity programming language will be introduced and well known attacks will be discussed (e.g., reentrancy attack). In the second part of the session, attendees will have the opportunity to learn how to detect security breaches in smart contracts and how to abuse them for performing an attack.

Benoît Donnet
Benoît Donnet - Professeur at Université de Liège

OR

09:00 AM – 09:45 AM

The blockchain landscape in Wallonia

Wallonia is active in the field of blockchain, and a number of public and private initiatives are already underway. Before presenting some concrete projects implemented in our region, Nicolas Point will outline the two most important federative programs.

The WalChain initiative, which was born of a grouping of Walloon blockchain start-ups, aims to promote ‘Made In Wallonia’ blockchain as an innovative tool for building collaborative and transparent ecosystems, as well as an opportunity to contribute to sustainable economic redeployment in Wallonia. DigitalWallonia4.Trust is an innovative project led by Agoria, Infopole, Agence du Numérique and WalChain. Supported by the Service Public de Wallonie Economie Emploi et Recherche (SPW EER) and Wallonia, this initiative is part of the Digital Excellence program of Wallonia’s digital strategy, Digital Wallonia. DW4TRUST aims to place Wallonia at the center of digital innovation. By integrating blockchain technology into various sectors, DW4TRUST not only improves efficiency, trust and security across businesses, but also opens up new opportunities for growth and innovation.

Nicolas Point
Nicolas Point - Responsable du département IT at MULTITEL
alois
Aloïs Moubax - Program Manager at DigitalWallonia4.Trust

09:45 AM – 10:30 AM

Seamless Blockchain Integration: Transforming Existing Businesses with Innovative Solutions

This session will explore a proven methodology for integrating blockchain technology into existing business systems. We’ll cover key steps, from assessing business needs and designing a tailored blockchain strategy, to implementing and deploying solutions that align with current infrastructure. Attendees will learn best practices for overcoming common challenges, such as data migration, interoperability, and security, while maximizing the benefits of blockchain, including transparency, efficiency, and trust. Real-world case studies will highlight successful integrations in sectors like supply chain, ESG reporting, and Digital Product Passports (DPP).

Harold Kinet
Harold Kinet - CEO at BE Blockchain

10:30 AM – 10:45 AM

COFFEE BREAK

10:45 AM – 11:45 AM

Logion: Blockchain and IPFS to Secure and Certify Sensitive Data

In a world where digital threats are rapidly evolving, the need for advanced solutions to secure sensitive data is paramount. Logion offers an innovative approach by combining blockchain technology with IPFS (InterPlanetary File System). This combination not only ensures the integrity and traceability of data but also guarantees its availability and immutability. Blockchain, with its decentralized nature, provides an unalterable and transparent ledger, while IPFS enables distributed and resilient file storage. Together, these technologies offer a robust alternative to traditional storage solutions, meeting the increasing demands for security in cyberspace. This session will explore how Logion leverages these technologies to provide superior protection for sensitive data, particularly in sectors where confidentiality and security are crucial. Participants will learn how the combination of blockchain and IPFS can not only enhance data security but also facilitate certification and traceability, all while adhering to the strictest privacy standards.

David Schmitz
David Schmitz - Founder of Logion
Gérard 2
Gérard Dethier - CTO at Logion

11:45 AM – 12:15 PM

The Future of Blockchain and Web3 in Wallonia

In a world where digital threats are rapidly evolving, the need for advanced solutions to secure sensitive data is paramount. Logion offers an innovative approach by combining blockchain technology with IPFS (InterPlanetary File System). This combination not only ensures the integrity and traceability of data but also guarantees its availability and immutability. Blockchain, with its decentralized nature, provides an unalterable and transparent ledger, while IPFS enables distributed and resilient file storage. Together, these technologies offer a robust alternative to traditional storage solutions, meeting the increasing demands for security in cyberspace. This session will explore how Logion leverages these technologies to provide superior protection for sensitive data, particularly in sectors where confidentiality and security are crucial. Participants will learn how the combination of blockchain and IPFS can not only enhance data security but also facilitate certification and traceability, all while adhering to the strictest privacy standards.

alois
Moderator: Aloïs Moubax - Program Manager at DigitalWallonia4.Trust
Nicolas Point
Moderator: Nicolas Point - Head of the IT Department
David Schmitz
David Schmitz - Founder of Logion
Gérard 2
Gérard Dethier - CTO at Logion
Harold Kinet
Harold Kinet - CEO at BE Blockchain

12:15 PM – 01:15 PM

LUNCH TIME

01:15 PM – 04:15 PM

An Introduction to Smart Contracts Security

This session focus on security aspect of modern financial transactions above blockchains: smart contracts. To do so, the first part of the session will review key theoretical concepts, such as cryptography, hashing, signature, fingerprint, merkle tree) before diving into the notion of block chain and smart contracts.  The Solidity programming language will be introduced and well known attacks will be discussed (e.g., reentrancy attack). In the second part of the session, attendees will have the opportunity to learn how to detect security breaches in smart contracts and how to abuse them for performing an attack.

Benoît Donnet
Benoît Donnet - Professeur at Université de Liège

OR

01:15 PM – 02:30 PM

Emerging ICT trends: the need for secure and quantum-safe networks

We will highlight the increasing need to have strong network security resulting from the adoption of new technologies like AI, 5G, IoT and quantum. We will review the different network security technologies available on offer today. And we will explore the impact of crypto-relevant quantum computers on organisations, and how you can already prepare today.

Wim Van Vossel
Wim Van Vossel - Proximus NXT

02:30 PM – 03:30 PM

AI-enabled disconnected sovereign cloud in Luxembourg for Europe

Clarence’s core mission is to offer a cutting-edge, disconnected sovereign cloud solution. Based on Google Cloud technology, this unique proposition guarantees the confidentiality and security of the most sensitive information, giving control over data, and offering total autonomy of operation. Clarence respects the highest ethical standards in data protection, confidentiality, transparency and regulatory compliance.

Clarence is the result of a joint venture between Proximus and LuxConnect. A joint venture born of the desire to create a disconnected sovereign cloud, designed to meet the needs of companies wishing to retain control over the integrity of their data and access to it, but also, operationally, to ensure that their operations are carried out on our soil and subject only to European jurisdictions.

The origins of Clarence lie in a shared ambition: to offer users the most advanced Cloud functionalities, while guaranteeing them total control over where their data resides and who has access to it.

What We Do : Combining Innovation and Sovereignty in Cloud Computing

The sovereign cloud solves the dilemma between innovation and compliance. By combining the best of both worlds, it facilitates access to technological innovations while ensuring compliance and protection of sensitive data.

PR_shirt
Pascal Rogiest - General Manager at Clarence S.A.

03:30 PM – 03:45 PM

COFFEE BREAK

03:45 PM – 04:45 PM

Cloud Continuum Security Challenges

EU IPCEI on Next Generation Cloud Infrastructure and Services

Cloud & edge computing are crucial for an interconnected and resilient Digital Europe, as well as for the EU’s geostrategic position and competitiveness in the global economy. IPCEI CIS is the first IPCEI in the cloud and edge computing domain. It concerns the development of the first interoperable and openly accessible European data processing ecosystem, the multi-provider cloud to edge continuum. It will develop data processing capabilities, and software and data sharing tools that enable federated, energy-efficient and trustworthy cloud and edge distributed data processing technologies and related services. The innovation provided by IPCEI CIS will enable a new spectrum of possibilities for European businesses and citizens, advancing the Digital and Green transition in Europe.The main aim of the session is to introduce the main cloud continuum security challenges focusing on relevant topics like Confidential Computing, ultra-high resilience, cloud certification, etc.

photo_jguijarro
Jordi Guijarro - Principal Technologist at Cloud-Edge Innovation

04:45 PM – 05:30 PM

A Tale of Vulnerability Prediction

Over the past years, automated vulnerability prediction research, mainly supported by AI techniques, has grown in popularity. While a large number of studies have been proposed, they often make simplification assumptions, which limit their applicability and adoption. This talk will provide a historical view of the vulnerability prediction approaches and will focus on the challenges and limitation that they face through the lens of three different research communities, i.e., AI, SE and Security. The talk will conclude with a discussion on the links between vulnerability prediction and testing, showing potential applications and cross-fertilization between the two research fields.

Mike papadakis
Mike Papadakis - Associate Professor at SnT

05:30 PM – 06:00 PM

How sovereign cloud solutions contribute to European digital autonomy?

Round table on Blockchain in Wallonia

In a world where digital threats are rapidly evolving, the need for advanced solutions to secure sensitive data is paramount. Logion offers an innovative approach by combining blockchain technology with IPFS (InterPlanetary File System). This combination not only ensures the integrity and traceability of data but also guarantees its availability and immutability. Blockchain, with its decentralized nature, provides an unalterable and transparent ledger, while IPFS enables distributed and resilient file storage. Together, these technologies offer a robust alternative to traditional storage solutions, meeting the increasing demands for security in cyberspace. This session will explore how Logion leverages these technologies to provide superior protection for sensitive data, particularly in sectors where confidentiality and security are crucial. Participants will learn how the combination of blockchain and IPFS can not only enhance data security but also facilitate certification and traceability, all while adhering to the strictest privacy standards.

PR_shirt
Moderator: Pascal Rogiest - General Manager at Clarence S.A.
Wim Van Vossel
Wim Van Vossel - Proximus NXT
photo_jguijarro
Jordi Guijarro - Principal Technologist at Cloud-Edge Innovation
Mike papadakis
Mike Papadakis - Associate Professor at SnT
Sold out

07:00 PM

Aperitif

07:30 PM

Gala Dinner at the Euro Space Center

08:30 AM – 09:00 AM

REGISTRATIONS

09:00 AM – 10:00 AM

Innovation and judicial police: a winning combination in the fight against crime

The Federal Judicial Police will present its overall vision and the role of technology in achieving it.

The main drivers of our strategy will be outlined to explain their use in our digital transformation and the disruption of our operational processes.

We will provide concrete examples of technological achievements in operations where an inclusive approach has been a key factor in success.

We will then discuss the challenges of operational Big Data and the contribution of AI to our complex processes.

David JAROSZEWSKI - Senior advisor on digital transformation and innovation

10:00 AM – 11:15 AM  

Introduction – The hack of the city of Antwerp and lessons learned (Amphi)

After a brief introduction to the current ransomware landscape, we review the case of the City of Antwerp based on information that was published by the city and in the press over the course of the attack and the months that followed – looking at the IT, operational, communication, reputation and financial impacts of the attack. The presentation is organized as a timeline of events, supported with press clippings and public facts brought ttogether into an exciting story that unravels over time

Didier Stevens
Didier Stevens - Senior Analyst at NVISO
Vincent Defrenne
Vincent Defrenne - Partner, Cyber Strategy & Architecture at NVISO

11:15 AM – 11:30 AM

coffee break

11:30 AM – 01:00 PM

Crisis response exercise: the enemy from within (2 rooms)

Participants take the helm of the crisis management team of a fictitious energy producer running its operations across Eastern Europe, and are confronted with a rapidly evolving incident involving the compromission of some of their systems and the potential involvement of an internal system administrator in these activities. The exercise is organized as a succession of briefings from the incident response team and analysis in group to define together a course of action that responds to the events and the questions raised. The response of course consists of technical actions to analyse, isolate, contain and eradicate the threat, but also involves organizational measures and measures in terms of internal and external communication. The exercise is facilitated by seasoned crisis and incident responders Vincent Defrenne and Didier Stevens.

Didier Stevens
Didier Stevens - Senior Analyst at NVISO
Vincent Defrenne
Vincent Defrenne - Partner, Cyber Strategy & Architecture at NVISO

01:00 PM – 02:00 PM

LUNCH TIME

02:00 PM – 05:00 PM

Ransomware Workshop (2 rooms)

During the workshop, participants will learn how to deal with this situation step-by-step by challenging them in their knowledge of various infosecurity topics. The goal of this workshop is to provide the participants with a structured approach on how to spot malware and how to deal with incidents caused by modern adversaries. Instructors will be assisting the students towards the full mapping of the incident and will provide a typical solution at the end of the workshop. The situation that the students will have to handle is as follows: “You are part of your company’s Incident Response team. On some idle Friday afternoon, your manager barges in. He has just been notified by the authorities that they have compromised a Commandand-Control server and that they have found systems communicating to that server originating from your company. The board of directors is breathing down his neck to find out what has happened and has asked him to contain this problem as soon as possible. How come we haven’t noticed this? What systems have been compromised? What data is exfiltrated?
Are there still active connections? You immediately coordinate with the authorities and receive an extract of the information they have pulled from the compromised server. And so you quest begins…” The students will work in teams of 2 and will have 4 hours to find out what has happened and to verify if there is still any active connections. During the workshop, the instructors will switch between guiding the participants and challenging them by assuming various positions in the company. The workshop will start with the set up of the participants machines with the tools required. For those participants that may not install such tools on their machine, a Linux-based virtual machine will be available for download or on USB sticks.

Didier Stevens
Didier Stevens - Senior Analyst at NVISO
Vincent Defrenne
Vincent Defrenne - Partner, Cyber Strategy & Architecture at NVISO

05:00 PM – 05:10 PM

Closing words from Cyberwal in Galaxia team

05:00 PM

The end

Our Program for the 5 days

The programme includes theoretical & practical courses 
A break is scheduled every day in the morning and afternoon

The next editions of Cyberwal in Galaxia Program are already planned for 2025.

Previous edition

2023 Cyberwal in Galaxia Program

0408 December 2023 

2022 Cyberwal in Galaxia Program

1216 December 2022 

Gallery

Register now!

2024 Cyberwal in Galaxia . .. ...

Days
Hours
Minutes
M-Mosca

Michele MOSCA

Co-founder and deputy director of the Institute for Quantum Computing at the University of Waterloo, CEO & co-founder of evolutionQ

MICHELE MOSCA is co-founder of the Institute for Quantum Computing at the University of Waterloo, a Professor in the Department of Combinatorics & Optimization of the Faculty of Mathematics, and a founding member of Waterloo’s Perimeter Institute for Theoretical Physics. He was the founding Director of CryptoWorks21, a training program in quantum-safe cryptography. He co-founded the ETSI-IQC workshop series in Quantum-Safe Cryptography. He co-founded evolutionQ Inc. to support organizations as they evolve their quantum-vulnerable systems to quantum-safe ones and softwareQ Inc. to provide quantum software tools and services.  

He obtained his doctorate in Mathematics in 1999 from Oxford on the topic of Quantum Computer Algorithms, an MSc in Mathematics and the Foundations of Computer Science in 1996 from Oxford. In 1995 he earned a BMath in Combinatorics & Optimization and Pure Mathematics from Waterloo. His research interests include quantum computation and cryptographic tools designed to be safe against quantum technologies.

He is globally recognized for his drive to help academia, industry and government prepare our cyber systems to be safe in an era with quantum computers. Dr. Mosca’s awards and honours include Fellow of the Institute for Combinatorics and its Applications (since 2000), 2010 Canada’s Top 40 Under 40, Queen Elizabeth II Diamond Jubilee Medal (2013), SJU Fr. Norm Choate Lifetime Achievement Award (2017), and a Knighthood (Cavaliere) in the Order of Merit of the Italian Republic (2018).

Robert-Bedington

Robert Bedington

Co-Founder & CTO

Rob is CTO at SpeQtral (formerly known as S15 Space Systems) where they are developing commercial quantum secure communication from space, and laying the foundations for a global quantum internet. At Singapore Center for Quantum technology, he was coordinating the development of NanoSatellites with Quantum technology demonstrator payloads which will enable future QKD missions. These include the SpooQy-1 mission to demonstrate an entangled photon pair source in a 3U CubeSat and the QubeSat mission, joint with RAL Space in the UK, to demonstrate entanglement-based QKD between a CubeSat and an optical ground station.

Bart Preneel

Bart Preneel

Full Professor, KU Leuven

Prof. Bart Preneel is a full professor at the KU Leuven, where he leads the renowned COSIC research group, which has 100 members. With an extensive academic career, he has held visiting professor positions at five universities across Europe. His primary areas of expertise encompass cryptography, cybersecurity, and privacy.

Prof. Preneel has been invited speaker at more than 150 conferences in 50 countries. He received the prestigious RSA Award for Excellence in the Field of Mathematics (2014), the ESORICS Outstanding Research Award (2017) and the Kristian Beckman award from IFIP TC11 (2016). He has served as president of the IACR (International Association for Cryptologic Research) and he is a fellow and Director of the IACR. Bart Preneel frequently consults for industry and government about cybersecurity and privacy technologies. His commitment to innovation extends to his roles as a co-founder and Board Member of the start-up nextAuth, a Board Member of the scale-up Approach Belgium, and an Advisory Board Member for Tioga Capital Partners and Nym Technologies. Additionally, Professor Preneel has actively participated in cybersecurity policy discussions, and is offering his expertise as a member of the Advisory Group for the European Union Agency for Cybersecurity (ENISA).

Nicolas Noël 

Nicolas Noël 

Director, Cyber Risk Advisory

Nicolas pursued his whole career in the cybersecurity field, bridging the gap between technical security controls and business drivers.

Using his technical background and his business affinity, Nicolas is supporting his customers in tailoring their technical security controls based on their risks, regulatory landscape and business objectives.

He has a broad area of expertise from financial institutions to manufacturing companies.

Etienne Caron

Etienne Caron

Manager, Cyber Risk Advisory

Etienne Caron (M.Sc) is a Consultant in Deloitte’s Cybersecurity team in Montreal since January 2019. At Deloitte, Etienne has specialized in engagements related to Cyber Governance by developing policies, standards and processes across several industries. Etienne has conducted multiples IT/OT and 3rd party assessment and developed strong expertise for clients in multiples industries. Finally, he participated in several trainings and incident response preparation mandates by organizing a phishing campaign or developing simulation exercises on ransomware to test the efficiency of response and the resilience of companies in the event of an incident.

Maxime Cordy

Maxime Cordy

Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT)

Maxime Cordy is a Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT), University of Luxembourg, in the domain of Artificial Intelligence (AI) and Software Engineering (SE), with a focus on security and quality assurance for machine learning, software verification and testing, and the engineering of data-intensive systems. He has published 120+ peer-reviewed papers in these areas. He is one of the three permanent scientists of the SnT’s SerVal group (SEcurity, Reasoning and VALidation). His research is inspired from and applies to several industry partners, mostly from the financial technology and smart energy sectors. He is deeply engaged in making Society benefit from results and technologies produced by research through the founding of a spin-off company and the leadership of private-public partnership projects at SnT. He has worked as a program committee member and reviewer for top-tier AI and SE conferences incl. IJCAI, ICCV, NeurIPS, ICLR, ESEC/FSE, PLDI, ISSTA,  etc. He is distinguished reviewer board member of TOSEM and regular reviewer for other top-tier SE journals.

Gilles Brassard

Professor of Montreal University

Professor of computer science at the Université de Montréal since 1979, Gilles Brassard laid the foundations of quantum cryptography at a time when no one could have foreseen that the revolution in quantum technologies that is upon us today would usher in a multi-billiondollar industry. He is also among the inventors of quantum teleportation, which is one of the most fundamental pillars of the theory of quantum information. A Fellow of the Royal Society of London and an International Member of the National Academy of Sciences of the United States, an Officer of the Order of Canada and the Ordre national du Québec, his numerous accolades include the Wolf Prize in Physics, the Micius Quantum Prize, the BBVA Foundation Frontiers of Knowledge Award in Basic Sciences and the Breakthrough Prize in Fundamental Physics. He received honorary doctorates from ETH Zürich, the University of Ottawa and Università della Svizzera italiana in Lugano. 

Larsen

Kim Guldstrand Larsen

Professor at Aalborg University, Department of Computer Science, Denmark

Is Professor in Computer Science at Aalborg University, Denmark. His field of research includes modeling, validation and verification, performance analysis, and synthesing of real-time, embedded, and cyber-physical systems utilizing and contributing to concurrency theory,  model checking and model checking.  Kim Guldstrand Larsen is Director of the Center for Embedded Software Systems (www.ciss.dk) and is co-founder and main contributor to the tool UPPAAL (www.uppaal.org).  UPPAAL received the prestigious CAV Award in 2013 as the foremost tool for modelling and verification of real-time systems.  Kim Guldstrand Larsen won the ERC Advanced Grant in 2015 and won a Villum Investigator grant in 2021.  

Kim Guldstrand Larsen is a member of Royal Danish Academy of Sciences and Letters, elected fellow and digital expert (vismand) in the Danish Academy of Technical Sciences and Knight of the Order of the Dannebrog (2007).  Kim Guldstrand Larsen received several awards for his research.  As such, he received in 2022  the CONCUR Test-of-Time Award. 

He is Honorary Doctor, Uppsala University (1999), Honorary Doctor, École normale supérieure Paris-Saclay, Paris (2007), Foreign Expert of China, Distinguished Professor, Northeastern University (2018), INRIA International Chair (2016-2020).  He has published more nearly 500 peer-reviewed papers  and received Thomson Scientific Award as the most cited Danish computer scientist 1990-2004.

BartAsnot

Bart Ansot

National Security Officer

As an industry-focused security expert, Bart has supported companies and organizations across the world to adopt to a modern way of work where cybersecurity is an essential cornerstone. Starting his career as a technical consultant in IT, Bart transitioned into cybersecurity several years ago by combining deep tech knowledge with strategy as cybersecurity is as much a tech play as it has its place in the board room. Today, Bart is National Security Officer in Microsoft Belgium and Luxembourg and leading the Cybersecurity architects supporting the organizations in Belgium and Luxembourg.

Adrien Becue

Adrien Becue

AI & Cybersecurity Expert

Adrien Bécue (M) is AI & Cybersecurity Expert at Thales. He graduated from Toulouse Business School in 2003 with a Master in Aerospace Management. In 2004, he joined the French defense procurement agency (DGA) as a Program Purchaser for Land Weapon systems. In this position he managed a portfolio of industrial and research projects about Network-Centric Warfare and Digital Battlefield transformations. He joined EADS group in 2008 to manage acquisition programs in Tactical Communication systems for the French Navy and the International Security Assistance Force (ISAF) deployed in Afghanistan. In 2010 he became Research & Technology Project Manager for border security and maritime surveillance projects. In 2013 he became Head of Innovation of Airbus Cybersecurity. In this role, he won several Awards of Innovation with projects in fields of cryptography, cyber-defense, and security of industrial control systems. In December 2022 he has joined Thales to take the role of AI and Cybersecurity Expert. He is involved in strategic projects in field of 5G security, AI-based intrusion detection, adversarial AI and generative AI. He is Technical Coordinator of the European defense project AIDA that deals with Artificial Intelligence Deployable Agent for cyber-defense operations. He is member of serveral cybersecurity and AI expert groups supporting organizations such as ANR (French National Research Agency), EC (the European Commission), ECSO (the European Cyber-Security Organization), ENISA (European Cybersecurity Agency), EDA (the European Defense Agency) and NATO (The North Atlantic Treaty Organization).

Gérard 2

Gérard Dethier

Co-founder and CTO of Logion

Vincent Defrenne

Vincent Defrenne

Partner, Cyber Strategy & Architecture

Vincent is one of the founders of NVISO, one of Europe’s leading cyber security firms. He specializes into cyber strategy, and the last few years has helped customers’ middle and top management to prepare or handle cyber incidents. His experience comes from the field, helping factories or hospitals recover from cyber attacks, while helping executives of medium-size international businesses make threat-based choices for their cyber plans. Vincent also initiated Belgium’s national student CTF, the Cyber Security Challenge Belgium, 10 years ago. He sits on the Resilience Board of Digital Europe, the European digital trade association, and speaks and writes frequently on the matters of cyber resilience and cyber defense. 

Eleni Diamanti

Eleni Diamanti

CNRS Research Director

Eleni Diamanti is CNRS research director at the LIP6 laboratory of Sorbonne University in Paris. She received her PhD in Electrical Engineering from Stanford University in 2006 and performed her postdoc as a Marie Curie fellow at the Institute of Optics Graduate School in Palaiseau before joining the CNRS in 2009. Her research focuses on experimental quantum cryptography and communication, and on the development of photonic resources and applications for quantum networks. She is a recipient of a European Research Council Starting Grant, coordinator of the Paris Centre for Quantum Technologies, and was awarded the CNRS Silver and Innovation Medals in 2024. She is also cofounder and scientific advisor of the start-up company Welinq that specializes in quantum interconnect technology.

Benoît Donnet

Benoît Donnet

Professor

Benoit Donnet received his Ph.D. degree in Computer Science from the Université Pierre et Marie Curie in 2006 and has been a PostDoc until 2011 at the Université catholique de Louvain (Belgium). Mr. Donnet joined the Montefiore Institute at the Université de Liège since 2011 where he was appointed successively as Assistant Professor and Associate Professor. His research interests are about Internet measurements (measurements scalability, Internet topology discovery, measurements applied to security), network modeling, middleboxes, new Internet architectures (LISP, Segment Routing), and Computer Science Education.

Thierry Draus

Thierry Draus

Vice President, Business Development

With 25 years of experience in the space industry and a solid foundation in telecommunications engineering, Thierry Draus is a business development leader with a strong track record in strategic innovation and growth. As Vice President of Business Development at SES, he focuses on cutting-edge sectors, including Quantum Safe NetworksGovernment Satcom solutionsNavigation, and 5G/6G technologies, driving advancements in these critical areas.

photo_jguijarro

Jordi Guijarro

Principal Technologist for Cloud-Edge Innovation

Jordi Guijarro Olivares, Principal Technologist for Cloud-Edge Innovation at OpenNebula Systems. With more than 20 years in the ICT sector, he is an expert in cloud oriented and cybersecurity architectures and services innovation. He also combines his work at OpenNebula with participation and leading European and national projects, and collaborates in high education programs with some universities (UPC, UOC). He obtained his bachelor in Computing Engineering at the Open University of Catalonia (UOC) and a Master in ICT Management at Universitat Ramon Llull (URL).

Jaroszewski David

Senior advisor on digital transformation and innovation

My name is David Jaroszewski and I am a Chief Superintendent of the Belgian Federal Police. 

I have a Master’s degree in Applied Economic Sciences.  I worked for 10 years as IT manager for the Belgian police and then 8 years as an operational officer in the special units of the Belgian Federal Police with also the responsibility for the operational R&D.  

I am currently working as a senior  advisor on Digital transformation and innovation  to the General Director of the Judicial Police. I am also a member of several executive committee of the Federal Police in Innovation and digital transformation.

I have strong skills in IT, project management, people management (coaching and CHANGE) and budgets and I’m keen to continue my specialisation by taking various courses in innovation, strategy and related fields.  

Harold Kinet

Harold Kinet

CEO

Formerly a journalist in the defense & security sector and then a marketing manager in the theme park sector, Harold has a rich international background. In 2017, he fully immersed himself in the blockchain and Web3 sector. Initially working as a consultant, he later became the Head of Communications at Daneel.io, a French startup that raised $2M in ICO in early 2018 for developing an AI capable of creating new market indicators for traders in the crypto markets. Harold gained valuable experience during his time at Paris’ Station F and the first European blockchain project incubator, Chain Accelerator, before returning to Belgium to establish BE Blockchain SRL in late 2019—a blockchain consulting and development company. BE Blockchain quickly became a prominent player in Belgium, leading to the launch of WalChain, the official business network of the Walloon region. WalChain brings together the government, universities, clusters, and private players. Harold is also a reviewer at LN24 (Belgian livenews channel) and is invited to numerous conferences and workshops, including the European Interreg programme. For more information, visit: https://www.linkedin.com/in/haroldkinet/

seid koudia

Seid Koudia

Research Associate

Seid KOUDIA received his Bachelor’s in Fundamental Physics from the university of Sciences and Technology Houari Boumedien (USTHB), Algiers in 2015. Subsequentely, he received his Master’s in Theoretical Physics with focus on Quantum information and Quantum Computing (USTHB- Algiers) and the PhD in Quantum Technologies (University of Naples Federico II – Italy) in 2017 and 2024 respectively. He has expertise in Quantum Computing, Quantum Communications and Quantum Networking. He has Worked for Leonardo S.p.A (Roma-Tiburtina) as a Research Fellow from 2023-2024, specializing in photonic quantum computing, Satellite-Based Quantum Communications and QKD. Since February 2024, he is a Research Associate with SigCom (SnT – University of Luxembourg) working on physical and network layer aspects of quantum communications in addition to quantum computing. He authored several papers in peer-reviewed conferences and journals. 

Fabio Martinelli

Research Director

Fabio Martinelli is a research director of the Italian National Research Council (CNR) where he leads the virtual lab in cybersecurity. He is co-author of more than four hundreds of papers on international journals and conference/workshop proceedings.  His main research interests involve security and privacy in distributed and mobile systems and foundations of security, privacy and trust. He founded and chaired the WG on Security and Trust management (STM) of the European Research Consortium in Informatics and Mathematics (ERCIM) and the WG 11.14 in secure engineering of the International Federation of Information Processing (IFIP).  He coordinated the EU NESSoS Network of Excellence in Future internet Security and the EU Training Network on Cyber Security (NeCS). He also served as expert in the EU H2020 Protection and Security Advisory Group (PASAG) and is vice-chairman of the Board of the European Cyber Security Organization (ECSO) and co-chairs ECSO WG6 on strategic research and innovation agenda (SRIA).

alois

Aloïs Moubax

Program Manager, DigitalWallonia4.Trust

Aloïs Moubax is the Program Manager of DW4Trust, a strategic initiative under Digital Wallonia aimed at fostering trust and the adoption of blockchain technologies across the region.

Mike papadakis

Mike Papadakis

Associate Professor

Mike Papadakis is an Associate Professor at the University of Luxembourg where he leads the SERVAL (SEcurity, Reasoning and VALidation) research team. His research interests include software testing, code analysis and artificial inteligence for software engineering. He is best known for his work on Mutation Testing for which he has been awarded IEEE TCSE Rising Star Award 2020. He has been General Chair of the ACM SIGSOFT ISSTA 2025 and IEEE ICSME 2021 and Program Chair of SSBSE 2022 and IEEE ICST 2023. He also serves at the editorial and review boards of international Software Engineering journals (STVR, Empirical Software Engineering, ACM Transactions on Software Engineering and Methodology) and has co-authored of more than 100 publications in international peer-reviewed conferences and journals. His work has been supported by Facebook, FNR, CETREL (SIX group company), BGL (BNP Paribas), Microsoft and PayPal.

pironio

Stefano Pironio

FRS-FNRS Research Director

Stefano Pironio received a PhD in Physics at Université libre de Bruxelles in 2004. After postdoctoral stays at the California Institute of Technology, the Institute of Photonic Sciences, and the University of Geneva, he has been back at ULB since 2010, where he is now a FRS-FNRS Research Director. He was and is active in several national and international research projects, including now the Belgian BeQCI project and the EU Quantum Secure Network Partnership project. His research interests lie in Quantum Information and Quantum Foundations. He is recognized as a pioneer in the field of device-independent quantum cryptography. He derived one of the earliest security proof of device-independent quantum key distribution and contributed to the first experimental demonstration of device-independent quantum random number generation. He is a co-inventor of the NPA Hierarchy, a standard tool to study quantum correlations and their applications. He has received the QIPC Young Investigator Award, the De Donder prize of the Belgian Academy of Sciences, and the price La Recherche.

Pisane Jonathan

Jonathan Pisane

Innovation & Product Policy Manager

Jonathan Pisane received his M.Sc. degree in electrical engineering from the University of Liège (ULg), Belgium, in 2008. He got a joint Ph.D. degree in electrical engineering from ULg and Supélec, France, in 2013. His Ph.D. degree dealt with the classification of air targets using passive BS radar signals and was funded by a Belgian Fonds de la Recherche Scientifique-Fonds pour la Formation à la Recherche dans l’Industrie et dans l’Agriculture scholarship. He then joined the Temasek Laboratories of the Nanyang Technological University (NTU) of Singapore as research scientist. His research work focused on ATR using multistatic, low-frequency radar signals. Since 2024, Jonathan joined several companies as product manager and innovation manager in the field of critical communications, mobility, and Defense. He now acts as innovation and product policy manager for Thales Belgium, focusing on the development of new capabilities and their integration into future products. As such, he is member of various working groups focusing on the various domains of Defense, sensing, cybersecurity, and AI, and is deeply involved in the corresponding R&D ecosystem.  

Nicolas Point

Nicolas Point

Head of the IT Department

Nicolas Point is head of the Network Engineering Department at the Multitel Research Centre. In addition to his activities relating to data transmission in general, Nicolas is increasingly active in two complementary fields: cybersecurity and blockchain. In the latter context, he is actively involved in various projects linked to the DW4TRUST and Walchain initiatives.

Patrick Renaux

Patrick Renaux

Senior cybersecurity architect

I have received my engineering degree in optronics in 1998.

After spending one year in Antarctica operating a LIDAR experiment to measure the ozone layer,  I started my carrier in Alcatel Bell in Antwerp developing passive optical networks for Fiber to the home market. A few years later I operated a strategic move towards Thales Alenia Space in Charleroi to perform dependability engineering on various space programs, including Gaïa Ariane 6 and Galileo.  Adding wings to my carrier I worked 13 years at Pilatus aircraft in Switzerland developing air to ground connectivity solutions and performing Cybersecurity analyses required for aircraft certification.  Since 2023 I am working with Starion defining the security architecture of INT-UQKD quantum safe framework and assessing its resilience against a quite hostile environment….

PR_shirt

Pascal Rogiest

General Manager of CLARENCE S.A

Pascal Rogiest has a background in electro-mechanical engineering and a PhD in aerospace.

He started his career at the world-leading satellite firm SES, where he held during a period of 18 years various engineering, commercial, business development and corporate strategy positions until he became Vice President, Head of M&A. He was behind the creation and subsequent development of two subsidiaries at SES, namely SES TechCom in 2002 and Redu Space Services in 2007, and has been involved in various international commercial projects. 

He joined LuxTrust, the Luxembourg-national Digital Identity Trust Services provider by end of 2015, where he became CEO in March 2016 in order to foster the international development and recognition of the company and its assets, and to stimulate innovation in its products portfolio through a customer-centric approach. He was CEO of LuxTrust during 5 years, during which he became CEO the Year IT-Security BENELUX (CEO Monthly Magazine) in 2018. 

Pascal went back to his space roots while leveraging his applied cyber experience, by joining RHEA Group in January 2021, when he started-up the Luxembourg subsidiary of the group, developing new end-to-end services in satellite operations, cybersecurity and quantum technologies that could promote the Luxembourg ecosystem. He became Chief Commercial Officer of RHEA Group in January 2023, overseeing the sales and business developments initiatives in 9 countries.

Pascal joined CLARENCE as General Manager in June 2024, in order to bring to market the AI-enabled Disconnected Sovereign Cloud solution of Luxembourg and Belgium, materialized by Proximus group and state-owned Luxconnect, and based on a technology partnership with Google.

Ahmad-Reza Sadeghi

Ahmad-Reza Sadeghi

Professor. Dr.-Ing.

Ahmad-Reza Sadeghi is a professor of Computer Science and the head of the System Security Lab at the Technical University of Darmstadt, Germany. He has led several Collaborative Research Labs with Intel since 2012 and Huawei since 2019.   

He has studied Mechanical and Electrical Engineering and holds a Ph.D. in Computer Science from the University of Saarland, Germany. Before academia, he worked in the R&D of IT enterprises, including Ericsson Telecommunications. He has continuously contributed to the field of security and privacy research. He was Editor-In-Chief of IEEE Security and Privacy Magazine and had been serving on the editorial board of ACM TODAES, ACM TIOT, and ACM DTRAP. 

He received the renowned German “Karl Heinz Beckurts” award for his influential research on Trusted and Trustworthy Computing. This award honors excellent scientific achievements that have significantly impacted industrial innovations in Germany. In 2018, he received the ACM SIGSAC Outstanding Contributions Award for dedicated research, education, and management leadership in the security community and pioneering contributions in content protection, mobile security, and hardware-assisted security. In 2021, he was honored with the Intel Academic Leadership Award at the USENIX Security Conference for his influential research on cybersecurity, particularly hardware-assisted security. In 2022, he received the prestigious European Research Council (ERC) Advanced Grant. In 2024, he received the DAC (Design Automation Conference) Service Award.  

David Schmitz

David Schmitz

Founder

David Schmitz is the founder of Logion, a groundbreaking blockchain platform that integrates advanced technology with a legal framework to secure digital operations. With over 20 years of experience in management, legal practice, and IT development, David has been a strong advocate for open-source initiatives, particularly within the Linux and the Blockchain community. His expertise extends to his role as a police officer in Belgium, where he leads the development of AI-driven tools to enhance cybersecurity and public safety.

kristof Spriet

Kristof Spriet

Product Owner Smart & Secure Networks

Kristof Spriet is a seasoned Product Owner at Proximus with over two decades of experience in the telecommunications industry. He leads a dedicated team of product managers, focusing on the development and delivery of cutting-edge network and SD-WAN solutions. With a robust background in data connectivity and software-defined networks, Kristof is committed to enhancing digital security for customers. His expertise in connectivity solutions and network security enables him, together with his team of product specialists and the solution suppliers, to create innovative and secure products that meet the highest standards. This allows Proximus to remain at the forefront of the secure networking sector, leveraging insights into technological trends. Kristof is excited to share his insights and experiences at the upcoming Cyberwal in Galaxia Program. He believes that events like these are crucial for fostering collaboration and innovation in the field of cybersecurity. By engaging with students and professionals alike, Kristof hopes to inspire the next generation of tech leaders and contribute to the ongoing development of secure digital solutions.

Didier Stevens

Didier Stevens

Senior Analyst

Didier Stevens (Microsoft MVP, SANS ISC Handler, …) is a Senior Analyst working at NVISO. He is an expert in malicious documents (PDF and Microsoft Office), pioneering research into maldocs and authoring free, open-source analysis tools and private red team tools. Next to his professional activities, Didier is also a Microsoft MVP (2011-2016 awarded MVP Consumer Security, 2016-2023 awarded MVP Windows Insider) and a SANS Internet Storm Center Senior Handler.

Wim Van Vossel

Wim Van Vossel

Technology Strategy & Innovation Manager

Wim Van Vossel graduated in Digital Business Engineering at the University of Antwerp. He has been active in various roles in ICT for more than 20 years, acquiring sound financial, technical and management skills. The last 10 years Wim is contributing to the success of Proximus by leading initiatives as Technology Strategy and Innovation Manager. As such, Wim is establishing the international technology strategy within Proximus Group. Over the years he has also conducted various innovation and customer tracks in several adjacent domains like AI and drones. His innovation activities are currently related to quantum technologies. On quantum communication he realised the first QKD trial in Belgium on a production telecom network. Next to quantum communication, Wim is also investigating quantum computing use cases.

Sold out

AI and Cybersecurity day 2024

The rise of artificial intelligence (AI) is having a profound impact on our society. During 2024 AI continues to be rapidly integrated into various sectors, each leveraging the technology to improve efficiency, reduce costs, and provide better services. The use of AI has expanded across industries, but some sectors have seen particularly high levels of adoption and integration such as healthcare (diagnostics, drug discovery, personalized medicine, predictive analytics), finance and banking (fraud detection, algorithmic trading, credit scoring, customer service), retail and e-commerce (personalized recommendations, inventory Management, customer service, pricing optimization), manufacturing and industry 4.0 (predictive maintenance, quality control, supply chain optimization, robotics and automation), automotive and transportation (autonomous vehicles, driver assistance systems, logistics and fleet management, predictive maintenance), energy and utilities (Smart Grid management, predictive maintenance, energy consumption optimization,  renewable energy management), telecommunications (network optimization, predictive maintenance, customer support, fraud detection) and education (personalized learning,  automated Grading, tutoring systems, administrative efficiency). AI is having impact and driving innovation by providing improved efficiency, increased productivity, better decision-making, improved healthcare, or environmental sustainability.

AI research has advanced in 2024 with advancements in Large Language Models (more powerful models, fine-tuning and adaptability, reduced hallucinations), generative AI and multimodal models (image and text integration, video and audio generation, creative applications).

However as AI and machine learning systems become more prevalent and integral to various applications, they also become more attractive targets for cyberattacks. Some of the new and evolving cybersecurity threats to AI and machine learning in 2024 are adversarial attacks, data poisoning, model inference attacks, model evasion attacks, backdoors attacks, membership inference attacks, federated learning Attacks, supply chain attacks and cloud infrastructure attacks. Cybersecurity is important for AI because AI systems are increasingly being used in critical infrastructure, such as power grids and transportation systems. If these systems are hacked, it could have a devastating impact on society.

The objective of the day is to present some key research topics at the intersection of AI and cybersecurity in the form of short tutorials or research presentations. The day will address topics on how AI is being used for threat identification, protection, detection, response and recovery. More specific topics such as Explainable AI for malware analysis, AI based AI-powered anomaly detection, AI-powered malware detection and AI-powered incident response will also be addressed.

09:00 AM – 10:00 AM

REGISTRATIONS

10:00 AM – 10:05 AM

Introduction

  • AI in Cyber Security leverages the industrial cyber security  power of machine learning and data analysis to augment traditional security measures.
  • Zero Trust Architecture brings a new security level in OT/ICS environment.
  • How can the Industrial Metaverse help to secure our Industry 4.0 ?
Philippe Massonet
Philippe Massonet - Scientific Coordinator at CETIC
TijlAtoui
Tijl Atoui - Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
David Prada

10:05 AM – 11:00 AM

Statistical Model Checking for Secure Cyber-Physical Systems

Cyber-physical or IoT systems are ubiquitous in modern society, and involve computational devices monitoring and controlling complex physical systems.  The computational devices are often constrained by computational power, memory, and energy consumption, and are increasingly used in critical industrial systems. Clearly  the safety and security of such systems is of the utmost importance.  In this talk we will present a number of settings, where so-called Statistical Model Checking (SMC) — supported by the award-winning tool UPPAAL (www.uppaal.org) – has been used to identify and quantify potentially security side-channel attacks.

In order to formally specify security-related properties—such as non-interference—one cannot purely rely on traditional trace-based specification formalisms such as Linear Temporal Logic (LTL).  The reason is that they relate the events of two (or more) traces of the system, and LTL can only reason on one execution at a time. So-called hyper-property extensions of LTL has been proposed.  Within UPPAAL  a real-time and probabilistic hyper-logic (HPSLT) has been implemented and used to identify three types of side-channel attacks.

DTLS is a protocol that is widely used by IoT devices, including critical industrial IoT systems, as the transport layer for secure and authenticated communication. A formal model of  DTLS has been made, and   the statistical model checking engine of UPPAAL has been used to  analyse, evaluate, and optimise energy consumption for the protocol. In particular different network scenarios has been considered identifying how energy consumption is highly dependent on the specific usage scenario.  Addressing security issues the model has been extended with an active attacker trying to drain as much energy as possible from the target system by (ab)using DTLS.  Analysing and preventing such Denial of Service attacks is essential for critical systems.

Finally, we will report on use of the statistical model checking engine of UPPAAL for analysing impact of bit-flips in security critical code.

AI has revolutionized cybersecurity, enabling advanced capabilities such as the detection of malware, vulnerabilities and fraud. Yet, as AI empowers defenders, it also empowers attackers. The dark side of AI reveals a landscape where malicious actors harness AI for spear phishing, automated cyberattacks, misinformation, and deepfakes. Moreover, AI itself becomes a target, as shown by adversarial machine learning and model poisoning attacks. Finally, there are concerns about AI creating a dystopia.

The talk further delves into novel technologies such as attribution (watermarking) and computing on encrypted data that can play a role in mitigating some of these risks.

Overall, there is a need for a multidisciplinary approach encompassing technology, regulation, and ethics to effectively address the challenges presented by the intricate relationship between AI, cybersecurity and privacy.

Larsen
Kim Guldstrand Larsen - Professor at Aalborg University, Department of Computer Science, Denmark
TijlAtoui
Tijl Atoui - Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
David Prada

 11:00 AM – 11:45 AM

Machine Learning Security in the Real World

Adversarial attacks are considered as one of the most critical security threats for Machine Learning (ML). In order to enable the secure deployment of ML models in the real world, it is essential to properly assess their robustness to adversarial attacks and develop means to make models more robust. Traditional adversarial attacks were mostly designed for image recognition and assume that every image pixel can be modified independently to its full range of values.

In many domains, however, these attacks fail to consider that only specific perturbations could occur in practice due to the hard domain constraints that delimit the set of valid inputs. Because of this, they almost-always produce examples that are not feasible (i.e. could not exist in the real world). As a result, research has developed real-world adversarial attacks that either manipulate real objects through a series of problem-space transformations (i.e. problem-space attacks) or generate feature perturbations that satisfy predefined domain constraints (i.e. constrained feature space attacks). In this talk, we will review the scientific literature on these attacks and report on our experience in applying them to real-world cases.

Maxime Cordy
Maxime Cordy - Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT)
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker

11:45 AM – 12:00 PM

COFFEE BREAK

12:00 PM – 01:00 PM

Turing's Echo on Deceptive Machines: The Challenge of Distinguishing Human and AI Creations

As generative AI models evolve, distinguishing between human-generated and AI-generated content is becoming increasingly challenging, threatening trust across various domains such as misinformation in media, political campaigns, legal accountability, scientific integrity, and cybersecurity. Distinguishing between machine and human outputs will be vital because, in the dystopian future, machines will potentially rise against humans.

This talk explores methods and technologies for identifying the origin of content, focusing on audio and text. We highlight the limitations of current models in detecting subtle differences between human-generated and AI-generated content. Our work augments physical principles, such as the Micro Doppler Effect, with machine learning frameworks. This integration incorporates prior input data knowledge into the model, enhancing detection and reducing biases in generated content. Finally, we discuss ongoing challenges and future research directions in this dynamic field.

Ahmad-Reza Sadeghi
Ahmad-Reza Sadeghi - Professor Dr.-Ing. at technische universität darmstadt
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker

01:00 PM – 02:00 PM

LUNCH TIME

02:00 PM – 03:30 PM

Explainable ML for malware analysis

The talk addresses the growing complexity of malware by exploring advanced detection and analysis techniques, focusing on both static and dynamic approaches. The lecture highlights the strengths and limitations of each approach and discusses their combination to improve detection accuracy. A  method of representing malware as images is introduced, allowing the application of image processing and machine learning techniques to detect malicious patterns, offering advantages over traditional methods. The importance of explainability in malware detection is advocated by using such approaches.

Fabio Martinelli - Research Director at National Research Council of Italy
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker

03:30 PM – 03:45 PM

COFFEE BREAK

03:45 PM – 04:30 PM

Cybersecurity threat landscape, Microsoft's view on the current and future secure state

During this session, Microsoft will show their view on the threat landscape and how is has evolved throughout the years using geopolitical challenges, technical advancements by integrating cutting-edge technologies into their attacks and how we should prepare, defend and collaborate as one to become more resilient and secure in this ever-changing world

BartAsnot
Bart Asnot - National Security Officer at Microsoft
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker

04:30 PM – 05:15 PM

Artificial Intelligence Deployable Agent (AIDA)

Contemporary combat systems carry an increasing amount of tactical computing and electronics potentially vulnerable to cyber-attacks. While current cyber-defense operations address in non-real time the needs for detection and response to cyber incidents affecting traditional IT systems, securing the fast expanding Internet of Military Things (IoMT) requires very short response times, and accurate decision making under strong operational, computing and energy constraints. The deployment of efficient detection and response capacities on embedded systems requires the design of lightweight resident Artificial Intelligence (AI) agents, trained specifically for these environments and capable of automating the detection and response loop in the absence of timely available human expertise. NATO’s IST-152 Research Task Group (2016-2020) on “Intelligent, Autonomous and Trusted Agents for Cyber Defense and Resilience” (AICA) initiated this concept between 2016 and 2020. The research yielded an AICA Reference Architecture (Kott et al., 2018). Later, an international working group formed to continue work on AICA (see https://www.aica-iwg.org/). Yet this highly conceptual architecture was not yet set into practice. The growing use of Unmanned Vehicles (UxV) in modern conflicts however revives the need for time sensitive autonomous decision at the edge of systems evolving in environments saturated with Cyber-Electromagnetic Threats (CEMA). To reduce UxVs exposure and augment their chances of survival in contested battlefield, remote control is progressively replaced by individual (autonomous) and collective (swarm) intelligent navigation techniques. While AI is seen as an essential capability for the survival of these proliferating objects, adversarial AI discipline unveils targeted evasion techniques to lure and hide from embedded AI. In short we need cyber-defense agents that are altogether frugal, accurate, adaptive, explainable, collaborative, and robust. This is the challenge addressed by AIDA project.

The proposed solution relies on three types of AI agents: a white agent, a red agent, and a blue agent. The white agent is a foundation model that is trained against massive data to develop a broad set of human-like capacities such as threat analysis, detection rule edition, incident qualification and response planning. Cyber-defense analysts prompt a Large Language Model (LLM) upon identification of new threats to produce tailored detection rules and response plans in seconds instead of hours. A Retrieval Augmented Generation (RAG) procedure restricts LLM sources to qualified knowledge bases. A reward system based on human feedback reinforces the model toward good decisions. From this white agent, smaller, more specialized agents will be derived that aim to perform narrow cyber-defense routines at the edge of IoMT. Unlike the white agent, blue agents need to operate in resource-constrained environment in an autonomous manner. We will use pruning and unlearning techniques to minimize the resource requirements of blue agents and obfuscation techniques to reduce their exposure to reverse engineering. Wherever needed, they will be fine-tuned to their environment of destination across land, sea, air, space and cyber domains. Yet as we may lack quantitative attack data, we will craft a third type of agent, whose role will be to generate attacks. The red agent will be trained in a simulated environment placed in adversarial setup with blue agents to develop offensive AI strategies. This Generative Adversarial Networks (GAN) setup will reinforce blue agents’ successful defense strategies, challenge their individual and collaborative defense objectives, and strengthen their robustness towards evasion attacks.

To conclude, the AIDA system involves an LLM (white agent), adversarial generative AI (red agent) and a Multi-Agent System (blue agents) in mission-critical activities landing in 5 military domains. Among other applications, the system aims to protect combat aircraft against CEMA threats with severe safety implications. Continuous improvement and responsible use of AI are enabled by reinforcement learning and RAG techniques. It reduces the exposure of modern military systems to emerging risks such as adversarial AI attacks.

Adrien Becue
Adrien Becue - AI & Cybersecurity Expert at THALES
LaurensS
Laurens Singier - Cybersecurity IT/OT researcher , Ethical hacker
Sold out

Quantum Day

08:30 AM – 09:00 AM

REGISTRATIONS

09:00 AM – 10:30 AM

Cybersecurity in our quantum age

Although practised as an art and science for ages, cryptography had to wait until the mid-twentieth century for Claude Shannon to endow it with a rigorous mathematical foundation. However, Shannon’s approach was rooted in his own information theory, itself inspired by the classical physics of Newton and Einstein. Yet, the world in which we live is subject to the laws of quantum theory, no matter how bewildering, whose experimental verification half a century ago was rewarded in 2022 by the Nobel Prize in Physics. When quantum theory is taken into account, new vistas open up both for codemakers and codebreakers. Is this a blessing or a curse for cybersecurity? Quantum computers will soon be capable of computations that would be unthinkable for a conventional computer, which will seriously undermine the so-called security of Internet communications as we practise them today. Nevertheless, the same quantum theory gives rise to new cryptographic paradigms that are in principle invulnerable to arbitrary attacks, even by an adversary capable of harnessing unlimited computing power and technology. However, this unconditional security requires quantum cryptography to be implemented according to the theory, which is very challenging. Will the cat-and-mouse game between codebreakers and codemakers soon reach a decisive outcome? As we shall see, the jury is still out! 

No prior knowledge in cryptography or quantum theory will be assumed. Please note that this talk will be given in French, with slides written in English. 


Gilles Brassard - Professor of Montreal University

10:30 AM – 10:45 AM

COFFEE BREAK

10:45 AM – 12:15 PM

Cybersecurity in our quantum age

Although practised as an art and science for ages, cryptography had to wait until the mid-twentieth century for Claude Shannon to endow it with a rigorous mathematical foundation. However, Shannon’s approach was rooted in his own information theory, itself inspired by the classical physics of Newton and Einstein. Yet, the world in which we live is subject to the laws of quantum theory, no matter how bewildering, whose experimental verification half a century ago was rewarded in 2022 by the Nobel Prize in Physics. When quantum theory is taken into account, new vistas open up both for codemakers and codebreakers. Is this a blessing or a curse for cybersecurity? Quantum computers will soon be capable of computations that would be unthinkable for a conventional computer, which will seriously undermine the so-called security of Internet communications as we practise them today. Nevertheless, the same quantum theory gives rise to new cryptographic paradigms that are in principle invulnerable to arbitrary attacks, even by an adversary capable of harnessing unlimited computing power and technology. However, this unconditional security requires quantum cryptography to be implemented according to the theory, which is very challenging. Will the cat-and-mouse game between codebreakers and codemakers soon reach a decisive outcome? As we shall see, the jury is still out! 

No prior knowledge in cryptography or quantum theory will be assumed. Please note that this talk will be given in French, with slides written in English. 


Gilles Brassard - Professor of Montreal University

12:15 PM – 01:15 PM

LUNCH TIME

01:15 PM – 02:00 PM

BeQCI and device-independent quantum key distribution

This presentation provides a brief introduction to the Belgian Quantum Communication Infrastructure (BeQCI) project, part of the European EuroQCI initiative aimed at advancing secure quantum communication networks across Europe. In addition to building infrastructure, BeQCI is driving research into future-proof quantum key distribution (QKD) protocols. Specifically, we will explore Device-Independent (DI) QKD, a cutting-edge approach to quantum cryptography that leverages Bell inequalities, recognized with the 2022 Nobel Prize in Physics. By eliminating certain security assumptions, DI QKD offers unprecedented levels of security beyond current QKD protocols. Attendees will gain insights into the future potential of DI and semi-DI QKD to enhance information security in the quantum era. Join us to discover how these advancements are pushing the boundaries of secure communication.

pironio
Prof. Stefano Pironio - FRS-FNRS Research Director at ULB

02:00 PM – 02:45 PM

Eagle-1 : QKD in practice and build-up of users communities

The EAGLE-1 mission aims to develop Europe’s first sovereign, end-to-end space-based Quantum Key Distribution (QKD) system. Led by SES in collaboration with the European Space Agency (ESA) and various European space agencies and private partners, the mission will feature a state-of-the-art QKD system comprising a payload aboard the EAGLE-1 Low Earth Orbit (LEO) satellite, optical ground stationsquantum operational networks, and a key management system. EAGLE-1 marks a significant milestone in next-generation quantum communication infrastructure, providing crucial technical insights and mission data while contributing to the EuroQCI program‘s development. It offers a unique opportunity for public and private entities to test and validate end-to-end Quantum Safe solutions through satellite-based QKD.

Thierry Draus
Thierry Draus - Vice President Business Development at SES

02:45 PM – 03:30 PM

Quantum Technologies for Communications Systems

In this talk, we will explore the exciting advancements in quantum technologies and their transformative impact on communication systems. Starting with an introduction to the Second Quantum Revolution, we will delve into key developments, such as Quantum Communications Infrastructure and Quantum Key Distribution (QKD), which are poised to enhance data security and revolutionize the way we exchange information. Next, we will discuss the concept of the Quantum Internet, a futuristic network leveraging quantum principles for unprecedented communication capabilities. We will also cover Quantum Optimization techniques and their application to solving complex communication challenges, especially within large-scale and evolving networks like 6G.  Finally, we will conclude with prespectives and open research problems offering a roadmap for the development and integration of quantum technologies in the years ahead.

seid koudia
Seid Koudia - Research Associate at University of Luxembourg

03:30 PM – 04:15 PM

Fast and Practical integrated quantum communications systems

FranceQCI and its challenges

We discuss current efforts towards the deployment of a national quantum communication infrastructure in France. These include technologies under development in our academic laboratories as well as benchmark demonstrations at the testbeds in operation in the Paris and Nice regions involving industrial actors spanning the telecom operator, cybersecurity, QKD system provider, photonics and space sectors. We also discuss current challenges in the field of quantum communication and future perspectives.

Eleni Diamanti
Professor Eleni Diamanti - CNRS Research Director at Sorbonne University
Prof. Hugo Zbinden - University of Geneva

04:15 PM – 04:30 PM  

COFFEE BREAK

04:30 PM – 05:15 PM

INT-UQKD : cross-border QKD

Through a set of business-driven use cases, INT-UQKD (“International Use cases for Operational QKD Applications & Services”) will provide global quantum safe communication services upon a hybrid space-terrestrial quantum key distribution (QKD) backbone. By leveraging the QKD technology, together with other classical and post-quantum cryptographic protocols to deliver a practical environment that can be used in the current commercial context, INT-UQKD safeguards the secure exchange of information, the long-term protection of stored data, and the protection of critical infrastructure in the post quantum age.

Thanks to its hybrid space and terrestrial network, INT-UQKD will demonstrate a global quantum safe communication between Redu (Belgium), Windhof (Luxembourg) and Singapore. As INT-UQKD architecture is designed with scalability and interoperability mind, it allows the incorporation of future extensions. These extensions will expend both INT-UQKD geographical reach and operational capabilities, aiming at implementing a resilient, flexible and manageable ecosystem with global coverage enabling quantum secure communication and cryptographic services for private and governmental users.

Patrick Renaux
Patrick Renaux - Senior cybersecurity architect

05:15 PM – 06:15 PM

Presentation of Quantum Demonstrator of GALAXIA in Transinne (Thales Belgium)

Presentation of Quantum Demonstrator of GALAXIA in Transinne (Thales Belgium)

Pisane Jonathan
Jonathan Pisane - Innovation & Product Policy Manager at Thales Belgium

9:00 AM – 9:30 AM

REGISTRATIONS

09:30 AM – 12:30 PM

Poster session (Abstract)

The 3rd edition of the Cyberwal in Galaxia Program will feature an exciting poster competition where 30 posters will be showcased. The best poster will be honored with an Award, which will be presented during the ceremony scheduled for Wednesday, 12/04, in the late morning. An expert jury, consisting of 10 professionals renowned in their fields, will select the winner of this Cybersecurity Award.

Beyond the competition, the poster session offers an exceptional opportunity for participants to present their innovative research and hone their scientific communication skills in front of a diverse audience, including business representatives. This session is much more than a mere contest: it is a true exchange platform. It enables participants to connectshare ideas, and enrich the international cybersecurity community.

We warmly invite studentsresearchers, and professionals to participate in this enriching event. Discover the latest innovations, share your expertise, and immerse yourself in an environment of collaboration and innovation. Join us to celebrate excellence in cybersecurity and contribute to a tradition of impact and continuous progress.

12:30 PM – 01:30 PM

LUNCH TIME

01:30 PM – 03:00 PM

Introduction

A meticulously designed CTF challenge that push the boundaries of conventional cybersecurity knowledge. Attendees will be able to revel in the opportunity to listen to and interact with esteemed experts from the cybersecurity domain, each bringing a wealth of experience and fresh perspectives.

Complementing these, our hands-on demonstrations promise a deep dive into the latest technologies and methodologies, forging a link between academic theories and their tangible, real-world implementations. Join us for a comprehensive exploration of the future of cybersecurity.

Deloitte will invite keynotes speakers to develop on concise and insightful talk on a relevant cybersecurity topic and allow some time for questions and answers.

Nicolas Noël 
Nicolas Noël  - Director, Cyber Risk Advisory at Deloitte
Etienne Caron
Etienne Caron - Manager, Cyber Risk Advisory at Deloitte

03:00 PM – 03:15 PM

coffee break

03:15 PM – 04:45 PM

A meticulously designed CTF challenge that push the boundaries of conventional cybersecurity knowledge. Attendees will be able to revel in the opportunity to listen to and interact with esteemed experts from the cybersecurity domain, each bringing a wealth of experience and fresh perspectives.

Complementing these, our hands-on demonstrations promise a deep dive into the latest technologies and methodologies, forging a link between academic theories and their tangible, real-world implementations. Join us for a comprehensive exploration of the future of cybersecurity.

Deloitte will invite keynotes speakers to develop on concise and insightful talk on a relevant cybersecurity topic and allow some time for questions and answers.

Nicolas Noël 
Nicolas Noël  - Director, Cyber Risk Advisory at Deloitte
Etienne Caron
Etienne Caron - Manager, Cyber Risk Advisory at Deloitte

08:30 AM – 09:00 AM

REGISTRATIONS

09:00 AM – 12:15 PM

An Introduction to Smart Contracts Security

This session focus on security aspect of modern financial transactions above blockchains: smart contracts. To do so, the first part of the session will review key theoretical concepts, such as cryptography, hashing, signature, fingerprint, merkle tree) before diving into the notion of block chain and smart contracts.  The Solidity programming language will be introduced and well known attacks will be discussed (e.g., reentrancy attack). In the second part of the session, attendees will have the opportunity to learn how to detect security breaches in smart contracts and how to abuse them for performing an attack.

Benoît Donnet
Benoît Donnet - Professeur at Université de Liège

OR

09:00 AM – 09:45 AM

The blockchain landscape in Wallonia

Wallonia is active in the field of blockchain, and a number of public and private initiatives are already underway. Before presenting some concrete projects implemented in our region, Nicolas Point will outline the two most important federative programs.

The WalChain initiative, which was born of a grouping of Walloon blockchain start-ups, aims to promote ‘Made In Wallonia’ blockchain as an innovative tool for building collaborative and transparent ecosystems, as well as an opportunity to contribute to sustainable economic redeployment in Wallonia. DigitalWallonia4.Trust is an innovative project led by Agoria, Infopole, Agence du Numérique and WalChain. Supported by the Service Public de Wallonie Economie Emploi et Recherche (SPW EER) and Wallonia, this initiative is part of the Digital Excellence program of Wallonia’s digital strategy, Digital Wallonia. DW4TRUST aims to place Wallonia at the center of digital innovation. By integrating blockchain technology into various sectors, DW4TRUST not only improves efficiency, trust and security across businesses, but also opens up new opportunities for growth and innovation.

Nicolas Point
Nicolas Point - Responsable du département IT at MULTITEL
alois
Aloïs Moubax - Program Manager at DigitalWallonia4.Trust

09:45 AM – 10:30 AM

Seamless Blockchain Integration: Transforming Existing Businesses with Innovative Solutions

This session will explore a proven methodology for integrating blockchain technology into existing business systems. We’ll cover key steps, from assessing business needs and designing a tailored blockchain strategy, to implementing and deploying solutions that align with current infrastructure. Attendees will learn best practices for overcoming common challenges, such as data migration, interoperability, and security, while maximizing the benefits of blockchain, including transparency, efficiency, and trust. Real-world case studies will highlight successful integrations in sectors like supply chain, ESG reporting, and Digital Product Passports (DPP).

Harold Kinet
Harold Kinet - CEO at BE Blockchain

10:30 AM – 10:45 AM

COFFEE BREAK

10:45 AM – 11:45 AM

Logion: Blockchain and IPFS to Secure and Certify Sensitive Data

In a world where digital threats are rapidly evolving, the need for advanced solutions to secure sensitive data is paramount. Logion offers an innovative approach by combining blockchain technology with IPFS (InterPlanetary File System). This combination not only ensures the integrity and traceability of data but also guarantees its availability and immutability. Blockchain, with its decentralized nature, provides an unalterable and transparent ledger, while IPFS enables distributed and resilient file storage. Together, these technologies offer a robust alternative to traditional storage solutions, meeting the increasing demands for security in cyberspace. This session will explore how Logion leverages these technologies to provide superior protection for sensitive data, particularly in sectors where confidentiality and security are crucial. Participants will learn how the combination of blockchain and IPFS can not only enhance data security but also facilitate certification and traceability, all while adhering to the strictest privacy standards.

David Schmitz
David Schmitz - Founder of Logion
Gérard 2
Gérard Dethier - CTO at Logion

11:45 AM – 12:15 PM

The Future of Blockchain and Web3 in Wallonia

In a world where digital threats are rapidly evolving, the need for advanced solutions to secure sensitive data is paramount. Logion offers an innovative approach by combining blockchain technology with IPFS (InterPlanetary File System). This combination not only ensures the integrity and traceability of data but also guarantees its availability and immutability. Blockchain, with its decentralized nature, provides an unalterable and transparent ledger, while IPFS enables distributed and resilient file storage. Together, these technologies offer a robust alternative to traditional storage solutions, meeting the increasing demands for security in cyberspace. This session will explore how Logion leverages these technologies to provide superior protection for sensitive data, particularly in sectors where confidentiality and security are crucial. Participants will learn how the combination of blockchain and IPFS can not only enhance data security but also facilitate certification and traceability, all while adhering to the strictest privacy standards.

alois
Moderator: Aloïs Moubax - Program Manager at DigitalWallonia4.Trust
Nicolas Point
Moderator: Nicolas Point - Head of the IT Department
David Schmitz
David Schmitz - Founder of Logion
Gérard 2
Gérard Dethier - CTO at Logion
Harold Kinet
Harold Kinet - CEO at BE Blockchain

12:15 PM – 01:15 PM

LUNCH TIME

01:15 PM – 04:15 PM

An Introduction to Smart Contracts Security

This session focus on security aspect of modern financial transactions above blockchains: smart contracts. To do so, the first part of the session will review key theoretical concepts, such as cryptography, hashing, signature, fingerprint, merkle tree) before diving into the notion of block chain and smart contracts.  The Solidity programming language will be introduced and well known attacks will be discussed (e.g., reentrancy attack). In the second part of the session, attendees will have the opportunity to learn how to detect security breaches in smart contracts and how to abuse them for performing an attack.

Benoît Donnet
Benoît Donnet - Professeur at Université de Liège

OR

01:15 PM – 02:30 PM

Coming soon

Rectangle-2988
Wim Van Vossel - Proximus

02:30 PM – 03:30 PM

AI-enabled disconnected sovereign cloud in Luxembourg for Europe

Clarence’s core mission is to offer a cutting-edge, disconnected sovereign cloud solution. Based on Google Cloud technology, this unique proposition guarantees the confidentiality and security of the most sensitive information, giving control over data, and offering total autonomy of operation. Clarence respects the highest ethical standards in data protection, confidentiality, transparency and regulatory compliance.

Clarence is the result of a joint venture between Proximus and LuxConnect. A joint venture born of the desire to create a disconnected sovereign cloud, designed to meet the needs of companies wishing to retain control over the integrity of their data and access to it, but also, operationally, to ensure that their operations are carried out on our soil and subject only to European jurisdictions.

The origins of Clarence lie in a shared ambition: to offer users the most advanced Cloud functionalities, while guaranteeing them total control over where their data resides and who has access to it.

What We Do : Combining Innovation and Sovereignty in Cloud Computing

The sovereign cloud solves the dilemma between innovation and compliance. By combining the best of both worlds, it facilitates access to technological innovations while ensuring compliance and protection of sensitive data.

PR_shirt
Pascal Rogiest - General Manager at Clarence S.A.

03:30 PM – 03:45 PM

COFFEE BREAK

03:45 PM – 04:45 PM

Cloud Continuum Security Challenges

EU IPCEI on Next Generation Cloud Infrastructure and Services

Cloud & edge computing are crucial for an interconnected and resilient Digital Europe, as well as for the EU’s geostrategic position and competitiveness in the global economy. IPCEI CIS is the first IPCEI in the cloud and edge computing domain. It concerns the development of the first interoperable and openly accessible European data processing ecosystem, the multi-provider cloud to edge continuum. It will develop data processing capabilities, and software and data sharing tools that enable federated, energy-efficient and trustworthy cloud and edge distributed data processing technologies and related services. The innovation provided by IPCEI CIS will enable a new spectrum of possibilities for European businesses and citizens, advancing the Digital and Green transition in Europe.The main aim of the session is to introduce the main cloud continuum security challenges focusing on relevant topics like Confidential Computing, ultra-high resilience, cloud certification, etc.

photo_jguijarro
Jordi Guijarro - Principal Technologist at Cloud-Edge Innovation

04:45 PM – 05:30 PM

Coming soon

Rectangle-2988
Mike Papadakis -

05:30 PM – 06:00 PM

Round table

Round table on Blockchain in Wallonia

In a world where digital threats are rapidly evolving, the need for advanced solutions to secure sensitive data is paramount. Logion offers an innovative approach by combining blockchain technology with IPFS (InterPlanetary File System). This combination not only ensures the integrity and traceability of data but also guarantees its availability and immutability. Blockchain, with its decentralized nature, provides an unalterable and transparent ledger, while IPFS enables distributed and resilient file storage. Together, these technologies offer a robust alternative to traditional storage solutions, meeting the increasing demands for security in cyberspace. This session will explore how Logion leverages these technologies to provide superior protection for sensitive data, particularly in sectors where confidentiality and security are crucial. Participants will learn how the combination of blockchain and IPFS can not only enhance data security but also facilitate certification and traceability, all while adhering to the strictest privacy standards.

PR_shirt
Moderator: Pascal Rogiest - General Manager at Clarence S.A.
Rectangle-2988
Wim Van Vossel - Proximus
photo_jguijarro
Jordi Guijarro - Principal Technologist at Cloud-Edge Innovation
Rectangle-2988
Mike Papadakis -
Sold out

07:00 PM

Aperitif

07:30 PM

Gala Dinner at the Euro Space Center

08:30 AM – 09:00 AM

REGISTRATIONS

09:00 AM – 10:00 AM

Innovation and judicial police: a winning combination in the fight against crime

The Federal Judicial Police will present its overall vision and the role of technology in achieving it.

The main drivers of our strategy will be outlined to explain their use in our digital transformation and the disruption of our operational processes.

We will provide concrete examples of technological achievements in operations where an inclusive approach has been a key factor in success.

We will then discuss the challenges of operational Big Data and the contribution of AI to our complex processes.

David JAROSZEWSKI - Senior advisor on digital transformation and innovation

10:00 AM – 11:15 AM  

Introduction – The hack of the city of Antwerp and lessons learned (Amphi)

After a brief introduction to the current ransomware landscape, we review the case of the City of Antwerp based on information that was published by the city and in the press over the course of the attack and the months that followed – looking at the IT, operational, communication, reputation and financial impacts of the attack. The presentation is organized as a timeline of events, supported with press clippings and public facts brought ttogether into an exciting story that unravels over time

Didier Stevens
Didier Stevens - Senior Analyst at NVISO
Vincent Defrenne
Vincent Defrenne - Partner, Cyber Strategy & Architecture at NVISO

11:15 AM – 11:30 AM

coffee break

11:30 AM – 01:00 PM

Crisis response exercise: the enemy from within (2 rooms)

Participants take the helm of the crisis management team of a fictitious energy producer running its operations across Eastern Europe, and are confronted with a rapidly evolving incident involving the compromission of some of their systems and the potential involvement of an internal system administrator in these activities. The exercise is organized as a succession of briefings from the incident response team and analysis in group to define together a course of action that responds to the events and the questions raised. The response of course consists of technical actions to analyse, isolate, contain and eradicate the threat, but also involves organizational measures and measures in terms of internal and external communication. The exercise is facilitated by seasoned crisis and incident responders Vincent Defrenne and Didier Stevens.

Didier Stevens
Didier Stevens - Senior Analyst at NVISO
Vincent Defrenne
Vincent Defrenne - Partner, Cyber Strategy & Architecture at NVISO

01:00 PM – 02:00 PM

LUNCH TIME

02:00 PM – 05:00 PM

Ransomware Workshop (2 rooms)

During the workshop, participants will learn how to deal with this situation step-by-step by challenging them in their knowledge of various infosecurity topics. The goal of this workshop is to provide the participants with a structured approach on how to spot malware and how to deal with incidents caused by modern adversaries. Instructors will be assisting the students towards the full mapping of the incident and will provide a typical solution at the end of the workshop. The situation that the students will have to handle is as follows: “You are part of your company’s Incident Response team. On some idle Friday afternoon, your manager barges in. He has just been notified by the authorities that they have compromised a Commandand-Control server and that they have found systems communicating to that server originating from your company. The board of directors is breathing down his neck to find out what has happened and has asked him to contain this problem as soon as possible. How come we haven’t noticed this? What systems have been compromised? What data is exfiltrated?
Are there still active connections? You immediately coordinate with the authorities and receive an extract of the information they have pulled from the compromised server. And so you quest begins…” The students will work in teams of 2 and will have 4 hours to find out what has happened and to verify if there is still any active connections. During the workshop, the instructors will switch between guiding the participants and challenging them by assuming various positions in the company. The workshop will start with the set up of the participants machines with the tools required. For those participants that may not install such tools on their machine, a Linux-based virtual machine will be available for download or on USB sticks.

Didier Stevens
Didier Stevens - Senior Analyst at NVISO
Vincent Defrenne
Vincent Defrenne - Partner, Cyber Strategy & Architecture at NVISO

05:00 PM – 05:10 PM

Closing words from Cyberwal in Galaxia team

05:00 PM

The end