Community Building and linking with relevant stakeholders from industry

With this blog post, we’d like to shed light on ECSO efforts linked to the Community Building Task. After initially creating a broad list of stakeholders, ECSO efforts were pointed towards engaging with industry representatives, more specifically Chief Information Security Officers (CISO). Established and coordinated by IRIS partner ECSO, the 1st European CISO Community brings together 354 CISOs, CISO Team Members or equivalent position decision-makers from 28 European countries. This makes it a unique Community in the European cybersecurity ecosystem with one of the main goals being a timely exchange of Cyber Threat Intelligence.

The 1st physical meeting of the CISO Community, CISO Meetup, was held in Brussels in October 2022 with the participation of almost 100 CISOs from 20 European Countries. The IRIS Project was presented by the Project Coordinator, who took advantage of this occasion to invite the CISOs to join the IRIS Stakeholder Group. By joining the Group, CISOs (and Team Members) will gain insights into challenges and solutions on how to share threat information, how to conduct effective threat response, and how to improve incident reporting to CERTs/CSIRTs which has become an essential part of the CISO tasks with the recently adopted NIS2 Directive. 14 individuals sent a request to join the IRIS Stakeholder Group

These individuals represent a group of end-users, security practitioners and decision-makers that will be invited to IRIS Events and provide input through the focus groups and evaluation sessions according to the project needs.

More specifically, the CISO Community was engaged for the IRIS Launch Event, Stakeholder and Industrial Workshops, and will be invited for the Final Exploitation Workshop.

The CISO Community was also asked to provide input on the Survey “Human factors for co-design” for the needs of the IRIS Task “System evaluation and Assessment”. The survey seeks feedback from security practitioners on IRIS technology, more specifically on the social acceptance of technology, taking into account cultural specificities, behavioural patterns and the willingness to adopt innovative cybersecurity services.