Author Archives: user469294

University of Tartu is looking for professor of cryptography

1 Reply

Vacancy: UT, Institute of Computer Science, Professor of Cryptography
Duties and responsibilities: Development of curricula and courses in Cryptography. Teaching subjects related to Cryptography. Supervision of PhD and Master students. Successful application for research grants, administration of them and performing the research required under the grants. See also job description.
Required qualifications: PhD or an equivalent qualification in the relevant field See also requirements for teaching and research staff.
Required experience: Teaching experience at the university level, experience in supervising Master and PhD students. Administrative and research competence needed to provide the leadership in organising research.
Required language skills: Excellent command of English. Knowledge of Estonian is desirable but not essential.
Workload 1,00; and the classroom teaching load at least 128 academic hours per calendar year
Salary According to UT salary rules, depending on the candidate’s qualification and the level of experience. See also UT salary rules.
Starting at 01.01.2018
Deadline: 03.08.2017

Position fields can be interpreted rather broadly. Cryptography classic and quantum, post-quantum; privacy preserving data mining; privacy and security; new technologies like blockchain; from theoretical to more applied backgrounds. It is important to have a broad view of the field in order to be able to help our curriculum development goals as well as lead research in broad spectrum with many smaller more independent groups. Cryptography has been one of University of Tartu and Estonian ICT sector strongholds, many opportunities for local collaborations exist and could be developed.

Appointments will be for indefinite contracts, i.e. at immediately “tenured” level, with standard performance reviews every 5 years. Since university rules are flexible, internationally competitive levels can be negotiated dependent on ability to attract funding, international collaborations, visibility, etc.

Links:
http://www.ut.ee/en/welcome/job-offer/professor-cryptography

Cybersecurity related bachelor’s and master’s theses in University of Tartu 2016/2017

Leave a reply

Managing Security Risks Using Attack-Defense Trees
Abstract: The In this thesis, we have addressed risk management using Attack Tree. The contribution to resolve the problem in this thesis includes three steps. Obtaining an alignment from Attack-Defense trees to ISSRM. Measurement of the metrics of the nodes of tree using historical data.
Student: Salman Lashkarara
Curriculum: Software Engineering (MSc)
Supervisor: Raimundas Matulevicius
Reviewer: Meelis Roos
Defense: 01.06.2017, Tartu, J.Liivi 2-404

On Secure Bulletin Boards for E-Voting
Abstract: In this thesis, we propose a formal model for analysis of security and functionality of a bulletin board system motivated by the security requirements Culnane and Schneider introduced in Computer Security Foundations Symposium 2014.
Student: Annabell Kuldmaa
Curriculum: Computer Science (MSc)
Supervisor: Helger Lipmaa
Reviewer: Ahto Buldas
Defense: 01.06.2017, Tartu, J.Liivi 2-404

Research and Proof of Concept of Selected ISKE Highest Level Integrity Requirements
Abstract: This work takes integrity domain under detail research to meet ISKE requirements and security objectives demanded for data with highest integrity needs.
Student: Deivis Treier
Curriculum: Cyber Security (MSc)
Supervisor: Raimundas Matulevičius
Reviewer: Andrey Sergeev
Defense: 02.06.2017, Tartu, J.Liivi 2-404

Method for Effective PDF Files Manipulation Detection
Abstract: The aim of this thesis is to ease the process of detecting manipulations in PDF files by addressing its source code, before having to use other methods such as image processing or text-line examination.  The result is the construction of a solid and effective method for PDF file investigation and analysis to determine its integrity.
Student: Gema Fernández Bascuñana
Curriculum: Cyber Security (MSc)
Supervisor: Pavel Laptev, Inna Ivask, Raimundas Matulevičius
Reviewer: Hayretdin Bahsi
Defense: 02.06.2017, Tartu, J.Liivi 2-404

Establishing, Implementing and Auditing Linux Operating System Hardening Standard for Security Compliance
Abstract: This paper provides a proof-of-concept solution for being compliant with operating system hardening requirements of the company by establishing, implementing and auditing Linux (Debian) operating system hardening standard.
Student: Martin Jõgi
Curriculum: Cyber Security (MSc)
Supervisor: Truls Tuxen Ringkjob, Raimundas Matulevičius
Reviewer: Marko Kääramees
Defense: 02.06.2017, Tartu, J.Liivi 2-404

A Prototype For Learning Privacy-Preserving Data Publising
Abstract:  This master thesis will discuss different threats to privacy, discuss and compare different privacy-preserving methods to mitigate these threats. The thesis will give an overview of different possible implementations for these privacy-preserving methods. The other output of this thesis is educational purpose software that allows students to learn and practice privacy-preserving methods.
Student: Rain Oksvort
Curriculum: Software Engineering (MSc)
Supervisor: Raimundas Matulevičius
Reviewer: Benson Muite
Defense: 05.06.2017, Tartu, J.Liivi 2-404

Filesystem Fuzz Testing Framework
Abstract: In the present thesis a fuzz testing framework was built, which can be used for finding time-of-check-to-time-of-use type bugs in Linux filesystems.
Student: Vladislav Alenitsev
Curriculum: Computer Science (BSc)
Supervisor: Meelis Roos, Kristjan Krips
Reviewer: Karl Tarbe
Defense: 07.06.2017, Tartu, J.Liivi 2-404

Performance Testing Bulletin Board Implementations for Online Voting
Abstract: This work takes a look at two software solutions that can be used for such purpose and analyses their performance in testing environment imitating real election workload.
Student: Marek Pagel
Curriculum: Computer Science (BSc)
Supervisor: Sven Heiberg, Janno Siim
Reviewer: Ivo Kubjas
Defense: 07.06.2017, Tartu, J.Liivi 2-404

Cybersecurity theses defence on June 9, 2017 in Tartu J. Liivi 2-403 at 10.00 AM.
Defence Committee: Raimundas Matulevičius (chairman), Olaf Manuel Maennel, Vitaly Skachek, Meelis Roos, Hayretdin Bahsi.
Grades received (random order): A, B, C, C, D.

Improving and Measuring Learning at Cyber Defence Exercises
Abstract:  This thesis takes a fresh look at learning in Cyber Defence Exercises (CDXs) and focuses on measuring learning outcomes. As such exercises come in a variety of formats, this thesis focuses on technical CDXs with Red and Blue teaming elements.
Student: Kaie Maennel
Curriculum: Cyber Security (MSc)
Supervisor: Rain Ottis, Liina Randmann, Raimundas Matulevičius
Reviewer: Sten Mäses
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Federation of Cyber Ranges
Abstract: This study compares two cyber ranges and looks into possibilities of pooling and sharing of national facilities and to the establishment of a logical federation of interconnected cyber ranges. The thesis gives recommendations on information flow, proof of concept, guide-lines and prerequisites to achieve an initial interconnection with pooling and sharing capabilities.
Student: Allar Vallaots
Curriculum: Cyber Security (MSc)
Supervisor: Jaan Priisalu, Uko Valtenberg, Raimundas Matulevičius
Reviewer: Rain Ottis
Defense: 09.06.2017, Tartu, J.Liivi 2-403

A New Heuristic Based Phishing Detection Approach Utilizing Selenium Webdriver
Abstract: In this paper, we focus on detecting login phishing pages, pages that contain forms with email and password fields to allow for authorization to personal/restricted content. We present the design, implementation, and evaluation of our phishing detection tool “SeleniumPhishGuard”, a novel heuristic-based approach to detect phishing login pages.
Student: Ahmed Nafies Okasha Mohamed
Curriculum: Cyber Security (MSc)
Supervisor: Olaf Manuel Maennel, Raimundas Matulevicius
Reviewer: Hayretdin Bahsi
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Analysis of Exploit-kit Incidents and Campaigns Through a Graph Database Framework
Abstract: A great deal of automation can be achieved here by using public APIs such as VirusTotal, whois databases, IP blacklists, etc during the analysis and a first part of our work is dedicated to that. We will then show that this approach reveals patterns and clusters from which decisions can be made from a defensive perspective.
Student: Guillaume Brodar
Curriculum: Cyber Security (MSc)
Supervisor: Toomas Lepik, Raimundas Matulevicius
Reviewer: Arnis Paršovs
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Investigation of JTAG and ISP Techniques for Forensic Procedures
Abstract: This thesis is focusing on JTAG and ISP physical acquisitions techniques. The aim is to give an overview of these techniques from a forensic point of view and in addition to some other tests will try to prove that are forensically equivalent to any other method.
Student: Stefanos Pappas
Curriculum: Cyber Security (MSc)
Supervisor: Pavel Laptev, Raimundas Matulevičius
Reviewer: Emin Caliskan
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Links:
https://www.cs.ut.ee/sites/default/files/cs/kaitsmiste_ajakava_1_2_5_06.pdf
https://www.cs.ut.ee/sites/default/files/cs/kaitsmiste_ajakava_6_7_8_9_06_.pdf

Cyber Security master’s theses defense in Tallinn University of Technology (May 2017)

Leave a reply


Monday, May 29, 2017, Akadeemia Tee 15a, Room ICT-315.

Grades received (random order): 5, 4, 4, 3, 3, 3, 2, 2.

Time: 10:00
Student: Kristjan Oja
Title: Cyber Security Awareness For IT Students Through Practical Assignments
Supervisor: Sten Mäses
Reviewer: Tiia Sõmer

Time: 10:40
Student: Sander Arnus
Title: Providing guaranteed log delivery and proof value of logs
Supervisor: Risto Vaarandi
Reviewer: Tiit Hallas

Time: 11:20
Student: Bolaji Ayoola Ladokun
Title: An Analytical Approach to Characterization of Targeted and Untargeted Attack in Critical Infrastructure Honeypot
Supervisor: Hayretdin Bahsi
Reviewer: Risto Vaarandi

Time: 12:00-13:00 – Lunch

Time: 13:00
Student: Iryna Bondar
Title: LUDROID: Evaluation of Android Malware Detection Tools and Techniques and Development of a First Line of Defense For the User
Supervisor: Emin Caliskan
Reviewer: Toomas Lepik

Time: 13:40
Student:  Seifollah Akbari
Title: A New Method for the SYNful Knock Attack Implementation
Supervisor: Truls Ringkjob
Reviewer: Bernhards Blumbergs

Time: 14:20
Student: Safak Tarazan
Title: GPS Spoofing/Jamming Resilient Mini UAV Implementation Strategy
Supervisor: Truls Ringkjob
Reviewer: Juhan Ernits

Time: 15:20
Student: Danielle Morgan
Title: Security of Loyalty Cards Used in Estonia
Supervisor: Rain Ottis, Arnis Paršovs
Reviewer: Aleksandr Lenin

Time: 16:00
Student: Katrin Kukk
Title: Ensuring the digital continuity of e-Estonia in different crisis scenarios
Supervisor: Rain Ottis
Reviewer: Jaan Priisalu

Tuesday, May 30, 2017, Akadeemia Tee 15a, Room ICT-315.

Grades received (random order): 4, 4, 3, 3, 2, 1.

Time: 10:00
Student: Christopher David Raastad
Title: Euro 2.0 – Securing an Ethereum Crypto Fiat Currency System
Supervisor: Alex Norta
Reviewer: Raimundas Matulevicius

Time: 10:40
Student: Mobolarinwa Taofeek Balogun
Title: Comparative Analysis of Industrial IoT and HealthCare System IoT for Cyberterrorism
Supervisor: Hayretdin Bahsi
Reviewer: Ahto Buldas

Time: 11:20
Student: Chengxiang Wang
Title: Classification of Black-Box Security Reductions and Oracle Separation Techniques
Supervisor: Ahto Buldas
Reviewer: Peeter Laud

Time: 12:00-13:00 – Lunch

Time: 13:00
Student: Celik Neslisah
Title: Anomaly Detection Using Locked Shields Logs
Supervisor: Olaf Maennel
Reviewer: Mauno Pihelgas

Time: 13:30
Student: Sophio Sakhokia
Title: Developing a Cyber Security Master Programme for Georgia
Supervisor: Tiia Sõmer
Reviewer: Olaf Maennel

Time: 14:20
Student: Zaghum Awan
Title: Analytical Comprehensive Approach to Cyber Laundering and its Solutions
Supervisor: Tiia Sõmer
Reviewer: Andro Kull

Oberthur will produce Estonian ID cards from 2019

Leave a reply

id_card_blank

The Police and Border Guard Board (PPA) and French company Oberthur Technologies signed an agreement on Thursday for the production of Estonia’s ID cards, permanent resident cards, digital IDs and diplomatic IDs after the current manufacturer agreement expires at the end of 2018.

Oberthur Technologies will be responsible for the manufacture of the card and chip as well as and linking the document to personal data. It will also be responsible for the functioning of the card. The French company will manufacture and personalize the cards in Estonia.

The value of the five-year contract is approximately €40 million. Under the new agreement, the expenses of the PPA for the manufacture of the ID card will remain at the present level.

A tender committee, which in addition to PPA experts included experts from the Estonian Information System Authority, the Ministry of the Interior and the ministry’s IT and Development Centre, chose the offer by Oberthur from among three different offers.

This was already the second tender. In the first tender Safran Morpho was chosen as the winner. The results of the first tender were appealed by two other participants – Oberthur Technologies and Gemalto/Trüb AG. The result of the appeal was that the current contract with Trub AG was prolonged for one more year.

In a public procurement tender of the Estonian Police and Border Guard Board three renowned European ID producers submitted their offers. The tender committee chose the offer of Safran Morpho as the winner, the Police and Border Guard Board said.

The German company Trub AG, which last year was acquired by Gemalto, has been manufacturing ID cards for Estonia since 2001.

It is notable that this is the first tender in the last 15 years, where PPA decided to make participation in tender available to wider range of companies. Previous contract extensions with Trub AG were justified by “potential security risk avoidance reasons”.

Update: Gemalto and Safran Morpho appealed in court the results of the tender.

Links:
http://news.err.ee/592722/ppa-signs-deal-with-france-s-oberthur-to-produce-ids-beginning-2019
http://www.baltic-course.com/eng/good_for_business/?doc=119884
http://uudised.err.ee/v/eesti/d5436b80-2965-4a27-9e3d-92953dc4fd4f/id-kaardi-kujundus-vahetub-hiljemalt-2018-aastast
http://arileht.delfi.ee/news/uudised/konkurendid-kahtlustavad-40-miljoni-eurose-ppa-hanke-juures-valemangu?id=74676029
http://tehnika.postimees.ee/3577961/kas-sel-korral-laheb-teisiti-riik-on-seni-tellinud-id-kaarte-vaid-uhelt-ettevottelt
http://tehnika.postimees.ee/4140063/laane-suurettevotted-kaebasid-eesti-politsei-kohtusse

Personal data processing by state systems wider than it should

Leave a reply


The first issue concerns state systems querying more personal data from X-Road than required:

In March a service was added to the Eesti.ee online portal that allows users to see which government institutions have accessed their personal data. According to daily Eesti Päevaleht, there are plenty of illegal queries. As the paper wrote on Tuesday, the Unemployment Insurance Fund, the E-Health System, notaries, and plenty of others regularly break the law by accessing people’s personal data without a legally valid reason.

What happens is that every time e.g. someone’s general practitioner accesses their data, the system automatically also displays their immediate relatives and their personal ID codes. This data represents a series of illegal queries by the system. “Thanks to the data tracker it has become clear that the information systems of plenty of institutions apply only the broader query also for their services that don’t require the data of connected persons. Those institutions where the problem has come up are already improving their systems,” the Data Protection Inspectorate’s press spokeswoman, Maire Iro, said. According to Iro the inspectorate does not have a complete overview of all the institutions affected, but that local government, liquidators, and notaries had already begun to check their queries.

The second issue is about recent law amendments and interest of state institutions to perform mass data processing on wide range of personal data:

Director General of the Estonian Data Protection Inspectorate (AKI) Viljar Peep sent a letter to Minister of Jutice Urmas Reinsalu this week expressing concern about extensive data processing by state agencies, first and foremost by the Estonian Tax and Customs Board (MTA). An amendment to the Taxation Act entered into force on April 1 which granted the MTA access to a large number of databases for risk assessment, i.e. tax intelligence, purposes, reported daily Eesti Päevaleht (link in Estonian). The tax authority primarily requests information from transaction databases of the Central Commercial Register, the Traffic Register and the Land Register. The Police and Border Guard (PPA) and the Estonian Road Administration have expressed interest in similar access to databases.

“In the initial bill, data processing was in no way hindered, meaning that the MTA could have even looked at a person’s e-health data,” Peep recalled. “Thankfully this was limited somewhat during proceedings.” According to the director general, the issue is that Estonia lacks legislation that would regulate mass data requests. “Yes, it is specified in the Law Enforcement Act and the misdemeanor procedure how to conduct inquiries regarding specific violations, however mass data processing cannot be conducted by the same rules,” he stressed. “It is important that every authority not begin making up it own rules.”

Links:
http://news.err.ee/590473/state-systems-illegally-passing-around-personal-data-on-massive-scale
http://news.err.ee/591100/data-protection-inspectorate-concerned-by-state-agencies-data-collection

Cyber Security Support Group formed in the Riigikogu

Leave a reply

Members of the Riigikogu formed the Cyber Security Support Group on Thursday, electing Arto Aas (he was chairman of the Riigikogu’s EU Affairs Committee at the time he had his Dropbox access data stolen. Source: ERR) as a chairman and Kalle Palling as a deputy chairman of the group.

The support group was founded with the objective of promoting the development of cyber security in Estonia, strengthening cooperation between the private and public sectors as well as raising society’s awareness of cyber security, according to a Riigikogu press release.

Others members of the Cyber Security Support Group of the Riigikogu include Keit Pentus-Rosimannus, Jüri Jaanson, Lauri Luik, Jürgen Ligi, Ants Laaneots, Laine Randjärv, Kalle Laanet, Madis Milling, Yoko Alender, Aivar Sõerd, Urve Tiidus, Taavi Rõivas, Remo Holsmer, Eerik-Niiles Kross, Kristen Michal, Erki Savisaar, Raivo Aeg and Jaanus Karilaid.

Will see in a year how productive the group will be.

Links:
https://www.riigikogu.ee/en/press-releases/others/cyber-security-support-group-formed-riigikogu/
http://news.err.ee/589915/cyber-security-group-formed-in-riigikogu

Employees of foreign embassies to be issued diplomatic eID card

Leave a reply

The Ministry of Foreign Affairs on Friday acquainted heads of the representations of foreign countries and international organizations with a new diplomatic ID which will provide employees with a digital identity giving them access to Estonian e-services, spokespeople for the ministry said.

“It’s unique in the EU and hopefully will encourage other countries to make more rapid progress in e-Europe development,” said the minister.

Digital diplomatic IDs will enable both the physical and electronic identification of an individual as well as provide access to Estonian e-services. Users will receive an Estonian personal identification number that will make it easier for employees of foreign diplomatic representations to handle official business in Estonia.

New type of identity document. Probably will contain the same data as ID card, but will have a bit different look and will be issued to a specific group of people.

Links:
http://news.err.ee/588887/employees-of-foreign-embassies-to-be-issued-digital-ids
http://www.ituudised.ee/uudised/2017/04/10/valisriikide-saatkondade-tootajad-eestis-saavad-digitaalse-diplomaatilise-isikutunnistuse
https://twitter.com/Karen_van_S/status/850306183093211136

 

Ten years since cyber attacks following 2007 Bronze Night riots

Leave a reply

Opinion by Jaan Priisalu, at that time the head of SIRT at Swedbank:

Jaan Priisalu, senior researcher at Tallinn’s NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), told ERR in an interview last week that through Estonia’s initiative and the public debate that followed the attacks, a topic was now getting attention that before was talked about only behind closed doors, and that some even looked at as an embarrassment.

Estonia’s 2008-2013 cyber strategy shows that after the attacks, development in the field went in several different directions. As Priisalu puts it, the strategy was a collection of the lessons learned, and based on them, a system to respond to this sort of incident was put in place.

People involved in cyber security were brought together and asked what could have been done differently, and what else should have been done. Instructions were written up, lines of communication laid out, and a cyber security curriculum put together at the Tallinn University of Technology (TUT). With it, systematic education in the field of cyber security began in Estonia.

Opinion by Klaid Mägi, the current head of CERT-EE:

Estonia’s capability to manage cyber crises has substantially improved over the past ten years, CERT Estonia chief Klaid Mägi said at a conference dedicated to the 10th anniversary of the April 2007 cyber attacks.

According to Mägi, compared to ten years ago, Estonia is substantially more capable of managing cyber crimes. “We have created systems that identify attacks and protect [us] from them, have practiced cooperation with public and private institutions, have substantially contributed to improving the knowledge of end users and are taking part in substantial international cooperation in order to manage crisis situations better,” he highlighted.

Links:
http://news.err.ee/592075/estonia-s-reaction-to-cyber-attacks-influenced-global-security-policy
http://news.err.ee/592250/cert-chief-estonia-s-cyber-crisis-management-capability-improved-in-decade

HITSA is looking for a chief information security officer

Leave a reply

HITSA announces a competition for the post of information security manager.

The main area of work for information security manager is launching and maintaining an information security management system, evaluating its performance and making the necessary improvements to ensure an adequate level of security for information assets of HITSA.

Come to apply if:
• You have a university degree in the field of IT;
• You have worked in the IT field for at least three years;
• You have the knowledge of information security organization and security project design and implementation experience;
• You have knowledge of information systems and their principles of operation;
• Have Estonian language skills at advanced level, both oral and in writing, and you have a good level of sector-specific English speaking and writing skills;
• You show initiative and have organizational potential, teamwork and independent work skills, analytical thinking, reliable and good to increased levels of stress.

For our employees we offer:
• Opportunity to contribute to the development of Estonian education information system in the field of information security;
• Good working conditions;
• 35-day vacation;
• Supportive team.

Deadline for applications is 31 May 2017. Work starts in September 2017.

Links:
http://www.cv.ee/toopakkumine/hariduse-infotehnoloogia-sa/infoturbejuht-f3315468.html
http://hitsa.ee/uudised-1/tookuulutus-hitsa-otsib-infoturbejuhti

Oxford Training Session: Cyberspace and the State

Leave a reply

This 3-day training session is centred around the topics of opportunities and threats emerging in an information society, involving discussions about digital services, personal authentication methods, international cyber threats and e-elections. These discussions are not only important from a technical point of view, but also need to take into account political, governance, social and legal aspects.
This training session is mostly aimed at students with non-IT background, who, as future leaders and experts in their own respective fields should still be aware of the opportunities created by the information technology, as well as of the risks involved.
The first two days of the training session contains topical lectures, on the third day of the event, a practical cyber crisis simulation exercise will be carried out.
The training session is offered free of charge, graduates will receive a certificate from the University of Tartu (2 ECTS), as well as a certificate of attendance by the University of Oxford

DAY 1: FRIDAY, APRIL 28
09:30 – 10:00 Registration to the training session
10:00 – 10:30 Welcoming and course introduction (Lucas Kello, Oxford)
10:30 – 12:00 Lecture 1: Computing and Networks: The Basics (Ivan Martinovic, Oxford)
12:00 – 13:00 Lunch break
13:00 – 14:20 Lecture 2: Computer Security: Authentication and Biometrics (Ivan Martinovic, Oxford)
14:20 – 14:30 Short break
14:30 – 16:00 Lecture 3: An Independent Assessment of the Procedural Components of the Estonian Internet Voting System (Jason Nurse, Oxford)
16:00 – 16:20 Short break
16:20 – 17:30 Lecture 4: National and International Security in the Cyber Age (Lucas Kello, Oxford)

DAY 2: SATURDAY, APRIL 29
08:30 – 09:00 On-site registration
09:00 – 10:20 Lecture 5: Russian Cyber Operations: Disruption and Subversion (Lucas Kello, Oxford)
10:20 – 10:30 Short break
10:30 – 12:00 Lecture 6: Government as a Platform (Robert Krimmer, Tallinn Univ. of Technology)
12:00 – 13:00 Lunch break
13:00 – 14:20 Lecture 7: Law Enforcement’s Access to Extraterritorial Data (Anna-Maria Osula, University of Tartu)
14:20 – 14:30 Short break
14:30 – 16:00 Lecture 8: Strategic Dilemmas in Cyberspace (Max Smeets, Oxford)
16:00 – 16:20 Short break
16:20 – 17:00 Simulation exercise briefing (Lucas Kello, Oxford)

DAY 3: SUNDAY, APRIL 30
08:45 – 09:00 On-site registration
09:00 – 09:30 Simulation exercise set up (Oxford teaching staff)
09:30 – 13:00 Cyber Crisis Simulation Exercise
13:00 – 14:30 Lunch break and group discussion
14:30 – 15:30 Post-exercise debriefing: Decision-making in a Crisis (Lucas Kello, Oxford)
15:30 – 15:50 Short break
15:50 – 17:00 Course conclusion (Lucas Kello, Oxford)

Links:
https://sisu.ut.ee/oxfordsessions/overview?lang=en
https://www.facebook.com/events/1144747528981361/