Don’t we just love a good security incident! A couple of years ago Wannacry targeted computers all around the world just days before a TF-CSIRT meeting, and there was no presentation that did not cover it. Last week we ‘got lucky’ again – the recent Confluence issue gave attendees of the joint SIG-ISM and WISE meeting a lot to talk about. The meeting took place in an unusually sunny and warm Kaunas in Lithuania on 16-18 April, kindly hosted by LITNET, and brought together information security experts from over 20 organisations.

The programme was intense: the two groups worked together and separately on a variety of subjects during the three-day meeting. After four years since the latest joint gathering in Barcelona, the first day was spent catching up, discussing activities, working groups and results. It was the first SIG-ISM – WISE meeting since the start of the GN4-3 project, which now includes a new security work package. Nicole Harris (GÉANT), the Security Baselining task leader, shared her task’s mission and plans. Charlie van Genuchten (SURFnet), who led the crisis management event CLAW in 2017 and 2018, created a crisis simulation atmosphere by running through last year’s workshop scenario and invited participants to join CLAW 2019.

The second day started with Bob Cowles (Trusted CI) presenting work carried out on the other side of the Atlantic, where the NSF Cybersecurity Centre for Excellence is leading the Trusted CI Framework for Open Science Cybersecurity Programmes. Christian Fötinger (University of Applied Sciences Augsburg) shared recent research results on security KPIs and reporting.

After the parallel sessions, the rest of the day was spent picking each other’s brains in interactive exchanges about coordinated communication challenges, planning an awareness campaign for October (European Cyber Security Month), providing feedback to the new Introduction to Risk Management course materials created by Alf Moens (SURFnet), and participating in a Security Baselining discussion and a tabletop exercise to test existing Risk Assessment and Management documents. If it sounds like a lot – believe me, it was!

Michel Gerdes (DFN) kicked-off the third day by posing a GDPR related question: “One year on – where are we today?” The session revealed that work still needs to be done in this area and recommendations, useful tools and process best practices can be created and improved by collaborating with colleagues from other organisations. Some of this work will be part of the security work package in the GN4-3 project, but support from groups such as SIG-ISM and WISE will be continuously required and welcome.

The day ended with the agreement to form a joint working group on Security Communications Challenge Coordination and continue to work together on an Inventory for Security Officers; this working group will play a coordinating role and will be led by David Group (NIKHEF).

Participants rated the meeting highly and expressed the wish to take part in future joint gatherings, at least once a year, and the next event has been pencilled in calendars for spring 2020: so much can be still achieved through collaboration, with or without a major incident to discuss.

If you would like to join one of the groups or find out more about their activities and other work on security carried out in the R&E community, join us at the Security Day at TNC19. Register here: https://eventr.geant.org/events/3083