08:15-09:00 Registration / Coffee & tea
09:00-09:10 Welcome by Monica Kello
09:10-09:50 Keynote by Juan Andrés Guerrero-Saade: Becoming Ungovernable
09:50-11:00 Session 1:
Eugenio Benincasa & Mei Danowski, Not One, Not Many: How China Scales Cyber Operations [TLP:GREEN]
Presentation by the Dutch Intelligence and Security Services (AIVD/MIVD) [TLP:AMBER]
Daniel Gordon, Let Them Cook? What A New North Korean Group Means for the DPRK Threat Landscape [TLP:AMBER]
11:00-11:40 Coffee break
11:40-12:50 Session 2:
Tom Moester & Rebecca Lumley, Needle, Meet Haystack: Curating high-quality threat intelligence at scale [TLP:CLEAR]
Melissa Griffith, Digital Infrastructure Under Fire: Data Centers, Drones, and Global AI Ambitions [TLP:CLEAR]
Gil Baram, Faster Than the Playbook: How AI-Enabled Cybercrime Outpaces IR, Attribution, and Cross-Sector Coordination
12:50-14:00 Lunch break
14:00-15:30 Session 3:
Robert Lipovský, Cybersabotage against Poland’s Energy Sector – The DynoWiper Attack
Verena Wingerter & Brian Carter, The Anomaly of NastyShrew: Unmasking FSB Operations Through Their Own Noise [TLP:AMBER+STRICT]
Hakan Tanriverdi, Doppelgänger reaching out [TLP:RED]
Julia Voo, Competing without losing legitimacy: democratic constraint in the information environment [TLP:GREEN]
15:30-16:00 Coffee break
16:00-17:30 Session 4:
Liz McQuillan, Beyond the Hype: AI and Influence Operations [TLP:GREEN]
Julian-Ferdinand Vögele & Paul May, The Blueprint for a Modern Commercial Spyware-Maker? [TLP:RED]
Saher Naumaan, Wartime Signals: What Iranian Phishing Reveals About Cyber Operations in Conflict [TLP:AMBER+STRICT]
Joe Slowik, The Erosion of the Neutral Web and Private Responsibilities In Maintaining It
17:30-17:40 Closing reflections by Paul Chichester and Jelle van Haaster
17:40-17:45 Conference closing by Monica Kello
17:45-19:00 Drinks