Cybersecurity frameworks, mappings and metrics

What works well in practice?
Cybersecurity frameworks, mappings and metrics event banner

The goal of the workshop was to facilitate the exchange of practical experiences in implementing mappings and metrics related to cybersecurity frameworks for the management of enterprise cybersecurity strategies, for c-suite reporting or for demonstrating compliance with regulatory requirements.

Our one-day workshop focused on four sectors: finance, telecom, energy and transport.

Attendees heard presentations from seasoned experts from partner organisations and regulators from across the security and aviation sectors. They shared their experiences, successes and failures, in addition to providing insight into their preferred frameworks, framework mapping and useful metrics.


We invite Chief Information Security, Research and Information Officers (CISOs, CROs and CIOs) of organisations in regulated industries, decision makers in regulatory authorities, managers of national computer emergency response teams (CERTs) to join us for this exciting opportunity to discuss.

Attendance is free of charge, but it is by invitation only - you can submit a registration request via the form below. Your application will be processed and you will receive a confirmation in due course. There will be no commercial presentations nor will there be press presence in the room.



Time Topic Speaker
08:30 - 09:00 Security Check-In and Registration EUROCONTROL Lobby
09:00 - 09:15 Opening Comments with a welcome from EUROCONTROL
Metrics matter
Freddy Dezeure
09:15 - 10:45 Cyber Risk Management in a Complex Regulatory Environment
Financial Services Sector’s Cybersecurity Profile
Josh Magri, Cyber Risk Institute
Ann Lavis, HSBC
Deborah Eng, JPMC
Andra Catincescu, DB
10:45 - 11:10 Coffee break  
11:10 - 12:30 Maturity and Metrics – A Discussion
Industry-led metrics
Our experience with SIM3 model
Failing and successful compliance framework
ATM cyber maturity self-assessment for Management System
Maturity Frameworks and ENISA
Teresa Walsh, FS-ISAC
Matej Salmik, SK-CERT
Nicky Keeley, UK CAA
Stéphane Deharvengt, DSNA
Konstantinos Moulinos, ENISA
12:30 - 13:30 Lunch  
13:30 - 14:45 Standardization – A Discussion
Security standards in a non-standard world
Don't reinvent the wheel
Security Control frameworks
FS Profile at DTCC
A framework that could harmonize the Transport Sector
Dominic Wood, BT
Joachim Pöttinger, Austrocontrol
Suzanne Oyen, Euroclear
Jason Harell, DTCC
Olivier DeVisscher, ER-ISAC
14:45 - 15:10 Coffee break  
15:10 - 16:10 Specific Applications
Security governance at Amadeus
Frameworks and Metrics at Proximus
Securing the supply chain
Cyber security metrics system
Robert Breedstraet, Amadeus
Fabrice Clement, Proximus
Sean Doyle, World Economic forum
Massimo Rocca, EE-ISAC
16:10 - 17:30 Q&A and discussion  
17:30 - 17:45 Concluding Remarks  

Making aviation more resilient

Cyber attacks pose a serious risk to the aviation sector, but we all know that no business will ever be 'cyber-proof'. So what can we do about it?

At EUROCONTROL, we work closely with our partners to build on existing initiatives to create a cyber resilience framework and make it available to all stakeholders across Europe.

Photography and filming

There will be photography and/or filming at this event and your image may be captured by us and used for communications purposes in print or on our website. By registering for the event you are giving us permission to use your image in this way. If you have any questions, contact us.