CISO Round Table - The Reporting Maze

This is an invitation only activity. If you received this invitation from a CISO Tribe member, kindly refer to that member in the registration form. Please do consider that this session is not a lecture; it's a collaborative exploration of innovative ideas, approaches and solutions in a trusted environment where every participant brings valuable insights and experiences to the table. This session will not be recorded.

CISO Tribe and INCIDENTRON kindly invite you to join an open discussion format CISO Roundtable to reimagine the way we handle incident reporting under EU frameworks.

Masters of Ceremony today is Tom Gilis, Group CISO at UCB supported by Wim Barthier from the INCIDENTRON Project

CISO Round Table: When One Incident Isn’t One Report

Cyber incident reporting under EU frameworks such as NIS2, GDPR, DORA, CER and the Cyber Resilience Act has become increasingly complex and fragmented. A single incident can trigger multiple notifications, authorities and timelines placing significant operational strain on both reporting entities and authorities.

Cross border incidents and national transpositions of frameworks further add complexity. On top of that, organisations may and often will face additional reporting obligations from sectoral and/ or national law, and law enforcement collaboration for incidents with criminal elements.

This round table explores that reality from the trenches. It examines how we arrived at today’s fragmented reporting landscape, how it affects organisations in practice, what a more effective future could look like, and which approaches might realistically move us closer to that future. Rather than proposing a final answer, it invites practitioners to explore these questions together.

INCIDENTRON Project

INCIDENTRON is a new European initiative focused on simplifying and improving cyber incident reporting and coordination under NIS2 and related frameworks. The project takes a bottom-up, practitioner-driven approach, starting from real incidents and operational workflows rather than from individual regulations in isolation.

Its core outputs include a cross-regulatory and cross border decision-making model for incident reporting and an open-source architecture and framework intended to support important, essential and critical entities, CSIRTs and supervising authorities, while also enabling European MSSPs and cybersecurity solution providers to turn complexity into business.

Topics covered:

1. Inside the Storm: What subjected entities are really facing. Understanding the Other Side - The Coordination Cliff: Challenges for CSIRTs and Supervising Authorities. How we got here and why we need to do better.
2. Experience and experience sharing from the trenches, moderated group session under guidance from Tom Gilis, Group CISO at UCB
3. Validation of draft attack and incident reporting scenario’s, presented against the high level draft INCIDENTRON opensource architecture - presented by Wim Barthier, INCIDENTRON

The session will not be recorded, a high level conclusion document will be produced. The event will allow INCIDENTRON to validate its research and inform the next project phases.

Agenda:

10h00: Welcome -- Wim Stoffelen, CISO Tribe and INCIDENTRON (NL)

10h10: Introductions Round Table -- Tom Gilis and Wim Barthier (BE)

10h30: Interactive group discussions, 10 minutes per each topic

11h15: Closing remarks