Sheila Becker is head of network and information systems’ security at Luxembourg’s national institute for regulation (ILR). Library photo: Andrés Lejona/Maison Moderne

Sheila Becker is head of network and information systems’ security at Luxembourg’s national institute for regulation (ILR). Library photo: Andrés Lejona/Maison Moderne

The second Nisduc conference is taking place 25-26 April in Brussels. Delano caught up with Sheila Becker from Luxembourg’s national institute for regulation (ILR) to hear more about the conference dedicated to a new cybersecurity directive.

The Network and Information Security Directive 2 (Nis2), which entered into force on 16 January 2023, aims to . Its goal is to increase the cybersecurity capabilities of countries across the European Union by increasing supervision and promoting cooperation and exchanges of information at the EU level.

The Nisduc2 conference is organised by the Institut Luxembourgeois de Régulation (ILR) and the Belgian Institute for Postal services and Telecommunications, together with the Luxembourg Institute of Science and Technology (List), Luxembourg House of Cybersecurity (LHC) and the Centre for Cybersecurity Belgium (CCB).

Lydia Linna: What is the goal of this Nisduc2 conference?

Sheila Becker: The first Nisduc conference, held in Luxembourg on 10 and 11 May 2022, showed that there is huge interest in the topics around the Nis directive, especially as now the Nis2 directive has been published. Therefore the second edition of the Nisduc conference aims to further develop a user community around Nis and Nis2, and to allow cybersecurity experts to meet up and follow the different developments related to the Nis2.

What are the key themes that will be discussed?

Of course the main discussion will be around the transition from Nis1 towards Nis2 for the operators and for competent authorities. The conference will also allow people to discuss new cooperative aspects like the vulnerability disclosure foreseen under Nis2. Furthermore, the conference also allows to show sectorial specificities or challenges around cybersecurity.

Can you give an example (or two) of the training sessions that will be presented at the conference?

During the conference there will be a training session on the MISP (), which is an open source software to share among sectors technical information (e.g., indicators of compromise) of all sorts of malware.

Then there is also the Nis implementers training, which is a dedicated training for employees of operators of essential services that have to assure compliance around the Nis directive.

The programme looks quite full--is there a particular presentation that you’re looking forward to?

We put a lot of effort in preparing a diverse set of , so I believe that of course all them will be beneficial to gather a greater understanding for Nis and Nis2 and cybersecurity overall. And besides the talk of the ministers [editor’s note: Luxembourg’s prime minister (DP) and Belgium’s deputy prime minister Petra De Sutter are among the speakers], I am really looking forward to follow  in particular the session on voluntary information sharing initiatives on the first day and I am looking forward to hear the discussion around “How will Nis 2.0 mitigate cyber risks?” from the industry perspective.