Conference Program
Defending Civilian MVI in Cyberspace. Lessons Learned.
MAJ Paweł WOLIŃSKI; Polish Cyber Command
The presentation will describe the difference between vital infrastructure for military missions and civillian companies, how to establish cooperation, and how to set up sensors to gather network traffic and logs. I will also describe the next steps which are monitoring, detection and threat hunting. At the end, key lessons learned will be presented.
AI for Document and Data Processing in Finance and Logistics
AXIANS
Practical approaches to leveraging AI for the extraction, processing, and analysis of data from financial and logistics documents such as invoices, contracts, delivery notes, and internal records. The focus will be on how AI can support process monitoring, anomaly detection, and compliance with both regulatory and internal requirements. We will also address data preparation for AI model training, including anonymization techniques to ensure privacy and data protection. The solution is designed to operate completely securely, without requiring access to the internet or cloud services, making it suitable for sensitive environments with strict security and data sovereignty requirements.
Latest Trends of AI in Threat Detection and Response
Microsoft
This presentation explores the latest trends in threat detection using Statistical Language Models (SLM) and Large Language Models (LLM). We will discuss two key use cases: how SLM helps detect phishing attempts and how AI increases the speed of incident analysis, transitioning from automated to autonomous systems. These advancements significantly enhance cybersecurity strategies, making threat detection and response more efficient and effective.
Rapid and Secure Mission Delivery and Cybersecurity
Amazon Web Services
To outpace our adversaries, warfighters need modern software—innovations to meet changes in the environment and that meet shifting battlefield priorities, rapidly and securely. This same software needs to work reliably, even as it modernizes—and without vulnerability to cyberattack. AWS helps you get there with landing zones, infrastructure as code, and DevSecOps architectural guidance.
Building a Multisource Threat Intelligence Platform in Classified Environments: AI Opportunities and Challenges
Ikarus
Deploying a threat intelligence platform in a secret or air-gapped environment introduces a unique set of operational and technical challenges—especially when aggregating, normalizing, and correlating data from multiple CTI sources. This session explores the architecture, deployment, and trust model considerations for implementing a multisourced threat intelligence platform in classified domains. We will examine how artificial intelligence and machine learning can assist in automating correlation, clustering related threats, and enhancing the analytical value of raw CTI. However, the talk will also highlight critical limitations and pitfalls, including explainability, bias, and data siloing. Practical lessons learned from real-world deployments will be shared to guide both defense planners and threat analysts toward more resilient and usable CTI ecosystems.
Weaponized AI: From Autonomous Malware to Strategic Misinformation
prof. Ing. Zelinka Ivan, Ph.D.; Department of Computer Science Faculty of Electrical Engineering and Computer Science VŠB-TUO
The lecture focuses on the misuse of advanced AI across various domains of hybrid conflict: – AI-generated code capable of reverse-engineering defense systems – AI-powered social botnets that disrupt public discourse through personalized manipulation – Malware with reactive mutation capabilities, utilizing reinforcement learning during runtime – LLM-based systems capable of conducting remote conversational psychological operations The session will also include an overview of emerging research trends in so-called “off-the-loop adversarial autonomy,” where attacks occur without direct operator control and may evolve independently, even beyond their original intent.
Wars of Today are Won with the Help of Information.
ALEF
Wars of today are won with the help of information. Our presentation will demonstrate how the upcoming armored vehicles, equipped with the LMCP platform from Optokon and the Splunk (Cisco) data analytics tool, transform data into a decisive advantage. You'll see simulated dashboards based on anonymized data, showcasing how Splunk processes machine data, generates alerts, monitors system health, and predicts maintenance needs. The session offers a practical look at how to integrate cybersecurity, physical security, IT operations, and platform health into a single, clear dashboard—without compromising sensitive information.
State-of-the-Art Cyber Training Preparedness for Military Organization: Developing an Effective Cyber Training Program
SANS
The presentation offers a strategic blueprint for building and sustaining a world-class cyber-training program inside a modern military organization. It distills best practices from actual past engagements, leveraging international workforce frameworks (NIST NICE, DCWF) and focusing on expedited timelines (8-14 weeks) with highly accountable results (>95% success rate), all of which are crucial in today's dynamic ecosystem.
AFCEA Europe Presentation
Rear. Adm. Massimo Esposito (ret.); AFCEA International’s general manager, AFCEA Europe
The changing nature of modern conflicts is characterized by the exploitation of new ways to fight (hybrid warfare) and by the growing importance of new confrontational domains/dimensions (cyber, cognitive, information), alongside the traditional ones. In this new environment, Emerging and Disruptive technologies are playing a key role and could provide a new Revolution in Military Affairs.
Legal Challenges in the Research and Development of Dual-Use Technologies in Cyber Defense and Cybersecurity
prof. JUDr. Radim Polčák, Ph.D.; Vice-rector for development, legal and information technologies, Masaryk University
For relatively long time, the development of dual-use technologies was not in the scope of mainstream research in Europe funded by other public sources than those specifically dedicated for defense. Consequently, there developed a significant research gap in many highly relevant fields, including active measures and active measures in cyber-defense and cybersecurity. The paper will discuss general legal dilemma in this field that is know as the paradox of big guns and relates to proportionality of fundamental rights protection in the development of offensive cyber-capabilities. In addition, there will also be discussed unresolved scientific formalities that are relevant for academic promotional proceedings. These formalities do not directly affect research but act as a strong motivating (or de-motivating) factor in aiming of primary and applied research in defense and dual-use technologies.
Supply Chain Compromise Live
Progress
State-sponsored threat actors and cybercriminals are bypassing preventive measures, exposing organizations to ransomware, service disruptions, cyber espionage, and intellectual property theft. Attackers often operate undetected for months, leaving traces in network traffic. A second line of defense using AI-based techniques is essential to analyze traffic and uncover hidden threats. This is where Network Detection & Response (NDR) plays a vital role—enabling early detection, isolation, and remediation before attackers achieve their objectives. One of the most dangerous methods is supply chain compromise via trusted systems or applications. While NDR cannot prevent such intrusions, it effectively detects and mitigates them. A live demo will simulate a supply chain attack, showing unauthorized access, data exfiltration, and operational disruption. Each attack phase will be analyzed through network traffic footprints, offering technical audiences insight into detection strategies.
CYBER MISSION ASSURANCE: The importance of national CIV-MIL cooperation from a perspective of collective defence
COL Miroslav ČAČÍK; National cyber defence commander and the Director of the Cyber Defence Centre of the Slovak Republic
In general, the Ministry of Defence and the Armed Forces play a key role in ensuring cyber mission assurance for critical national infrastructure, including the railway sector. As digitalization of railway systems increases, so do the associated cyber threats, requiring a coordinated defense approach. This presentation explores how military capabilities and strategic frameworks support the resilience and protection of railway operations. Emphasis will be placed on cooperation with civilian stakeholders, incident response readiness, and the integration of cyber defense into national security planning. The aim is to highlight the importance of a proactive, mission-focused cyber posture in safeguarding transportation infrastructure.
Cyber Security National Strategy
Mgr. Petr Procházka; Department of National Strategies and Policies, NÚKIB
This lecture will introduce the strategic framework and objectives of the Czech Republic’s National Cybersecurity Strategy for 2026, developed by the National Cyber and Information Security Agency (NÚKIB).
The Role and Position of Artificial Intelligence in Building Cyber Resilience
prof. Mgr. Roman Jašek, Ph.D.; DBA Tomas Bata University in Zlin, Faculty of Applied Informatics Department of Informatics and Artificial Intelligence
Artificial intelligence is set to become an indispensable tool in modern defense strategies for ensuring cyber resilience. With its ability to analyze vast volumes of data in real time, AI can swiftly and efficiently detect cyber threats and respond to them automatically. Within military operations, AI provides critical situational awareness and optimizes planning processes, thereby enhancing both operational effectiveness and security. Furthermore, AI-supported autonomous systems reduce risks to human personnel and enable deployment in hazardous environments. The future role of AI lies in its continuous and adaptive response to emerging threats.
Secure Tactical Radio Communication System of the Czech Armed Forces
OPTOKON
The presentation will briefly introduce the tactical radio communication system implemented in Czech Armed Forces vehicles as part of ongoing modernization projects. It will also outline the related security requirements across the network layer, virtualization and operating system layers, and the application layer. The presentation will include a cybersecurity solution concept for the system, along with a brief overview of the implemented technologies and services.