Keynote: Maximizing Efficiency in CERT and CDC: Bridging the Gap Between Theory and Practice

The evolving landscape of cyber defence, characterized by the pivotal roles of cyber defence centres (CDCs) and computer emergency response teams (CERTs), presents a complex challenge to safeguarding the defence sector and nation-states against sophisticated cyber threats. This session will delve into the intricacies of automation in cyber defence, the strategic shift towards orchestration, the transformative impact of machine learning, and the art of translating potential threats into actionable intelligence through Natural Language Processing (NLP). Attendees will gain insights directly from field experiences, exploring how these technological advancements are applied in real-world scenarios to enhance cyber resilience.

Automation in Cyber Defence: How do experts balance the efficiency of automated cyber defence mechanisms with the necessity for human intuition in interpreting complex threat patterns? This question will guide our exploration of the current state of automation, shedding light on the successes and challenges faced by practitioners in leveraging automation to streamline threat detection and incident response efforts.

Orchestration as a Strategic Shift: In what ways has the transition from big data analytics to orchestration changed the game for cyber defence operations? Attendees will learn from practitioners about the integration of various cybersecurity tools through orchestration platforms, illustrating how this approach facilitates a more coordinated and agile response to cyber incidents.

Machine Learning’s Transformative Impact: How are CDCs and CERTs utilizing machine learning to proactively detect and mitigate new and evolving cyber threats, such as those posed by connected vehicles? This discussion will provide concrete examples of machine learning in action, demonstrating its capability to analyse vast datasets for pattern recognition and anomaly detection, thereby enhancing predictive cyber defence strategies. Injecting Intelligence into the Decision Process: How can the application of NLP transform unstructured threat information into structured, actionable threat-hunting strategies? The session will reveal how cyber analysts use NLP to interpret human language, extract relevant cybersecurity information, and map it onto known threat behaviours, enriching the proactive hunting capabilities of cyber defence entities and enabling leadership decision cycles concerning defence measures and/or strategies.