Schedule

Abstract: Regulation is not only about compliance but about strengthening resilience across critical infrastructure, and digital services. Lasting security comes from cooperation between regulators, entities, and incident response actors to build a safer digital ecosystem together.

Abstract: This talk will explore the University of Luxembourg’s unique cybersecurity challenges, from managing Shadow IT and sensitive research projects to ensuring compliance with evolving regulations like GDPR and NIS2. Our approach combines robust technical measures with cultural integration, fostering awareness and collaboration across all academic levels. By aligning security with research needs, we strengthen resilience and protect the university’s mission in an increasingly complex threat landscape.

Abstract: This talk presents VLAI, a transformer-based model that predicts software vulnerability severity levels directly from text descriptions. Built on RoBERTa, VLAI is fine-tuned on over 600,000 real-world vulnerabilities and achieves over 82% accuracy in predicting severity categories, enabling faster and more consistent triage ahead of manual CVSS scoring. The model and dataset are open-source and integrated into the Vulnerability-Lookup service.

Abstract: A presentation to show why talking about risks is the most effective way to improve your company’s cybersecurity. With a (very) personal examples to explain what a risk is and how to manage it in order to live with it.

Abstract: When full disk encryption do not do what you expected, and you should be aware of it. I will show, what will happen with the plaintext data, that was stored on a disk before full disk encryption got activated. Use-case: Imagine you used a NTFS formatted disk unencrypted for a while, for example on a Windows based system. Now you like to reuse the disk on your Linux workstation and protect the data with LUKS full disk encryption. Can we recover some of the older data later on?

Abstract: Large language models (LLMs) constitute a powerful and impressive tool, capable of understanding and generating human-like text. However, they struggle with distinguishing between developer instructions and user input, a vulnerability that can be exploited to manipulate the model into producing harmful or unintended outcomes. This talk aims to raise awareness of these issues and highlight the potential risks involved in using LLMs.

Abstract: The session will give a brief introduction into Locked Shields, the worlds largest cyber defense exercise. It will give some details about the luxembourgish participation and highlight the opportunities in terms of education and research.

Abstract: Resilience is not (only) a technical topic. But how resilient can you really be if you do not control your operations? How much insight do you need? How much experience? Asking the right questions is key for a solid planning – especially on the long term.