The Workshop will respond to important questions to address one of the most important challenges to improve Cybersecurity in the Organizations: “Threat Intelligence and Information Sharing”.

  • Why Threat Intelligence and Information sharing is key to improve European resilience against Cyberattacks?
  • How can enhance Incident and response in general for any sector, but specially in the Financial Sector?
  • How to start, what are the different options?

For this we will count on relevant speakers coming from ENISA, INTESA SAN PAOLO, FS-ISAC, ATOS and CAIXABANK, presenting a complete view of the topic.


Threat Intelligence Information Sharing needs in the Financial Services sector 
In this session it will be described the importance of information sharing in the Financial Sector, description of the benefits and alternatives as well as the future and impact of Information sharing..

Upcoming regulation changes: 
DORA and NIS Preliminary overview of DORA regulation

Threat Intelligence information exchange – practitioners’ view 
The platform in development in CyberSec4Europe project helps gathering information required for the incident reporting. Data collected could be shared to ease threat intelligence. We are working in connecting our platform to TI platforms to share, encrypted, useful data to detect possible threat.


Time (CEST) Title Presenter
11:00 – 11:10 Threat Intelligence Information Sharing needs in the Financial Services sector Ramon Martin de Pozuelo/Mario Maawad (Caixabank)
11:10 – 11:25 Upcoming regulation changes: DORA and NIS Rossen Naydenov / Maria Papaphilippou (ENISA)
11:25 – 11:40 public-private collaboration and crisis response development (e.g. Locked Shields), sharing and impact from European regulations, for starters. John Morgan Salomon (FS-ISAC)
11:40 – 11:55 Threat Intelligence information exchange – practitioners’ view Andrea Mastrigli (Intesa San Paolo)
11:55 – 12:10 Financial Threat Intelligence Sharing pilot in CONCORDIA Ramon Martin de Pozuelo (Caixabank)/Jose Ruiz (ATOS)
12:10 – 12:20 CONCORDIA FTIP platform demo Jose Ruiz/Esteban Armas (ATOS)
12:20 – 12:45 Panel discussion: Future of Threat Intelligence Information Sharing for Financial Services: Trends, drivers and roadblocks All
12:45 – 13:00 Questions and answers


Esteban Armas

Esteban Armas received his Computer Science degree in 2009 at the Polytechnic Institute “José Antonio Echeverría” in Havana (Cuba) and an M.Sc. degree in Computer Science in 2016 and a Ph.D. in Computer Science (2020), both from the Universidad Complutense de Madrid (2020). Currently, Esteban works on Cybersecurity at the Research & Innovation (ARI) department in Atos Spain.

Mario Maawad Marcos

Mario has been working in IT field for over 20 years, including the last 16 years in Digital Security. He has been working at CaixaBank back since 2004, the first bank in Spain, as the Director of Security Innovation & Transformation Mario received a B.S. degree in Computer Science from the Polytechnic University of Catalonia, Barcelona in 1997 and a JD in Law, from the Open University of Catalonia, Barcelona in 2010. He also received a Postgraduate Diploma in Business Banking from the Pompeu Fabra University, Barcelona in 2009. He is a member and has participated actively creating and managing initiatives within the European Payments Council (EPC), Forum of Internet & Response Teams (FIRST), Cloud Security Alliance (CSA).

Ramon Martin de Pozuelo

Dr. Ramon Martin de Pozuelo received the B.Sc. and the M.Sc. degree in Telecommunications Engineering and Ph.D. degree in ICT and its Management (all with honours) by La Salle School of Engineering from Universitat Ramon Llull (URL), Barcelona, Spain, in 2007, 2010, and 2017, respectively. As a researcher in La Salle he participated in several European research and innovation projects related to different fields, especially in the design of heterogeneous data networks and information systems for Smart Grids and Smart Cities, and the definition of network architectures, ICT and security solutions. In 2018 he joined Caixabank as a Project Manager for Technical Fraud Prevention and Security Innovation and Transformation in which he has been managing the participation of CaixaBank in several H2020 projects. He is Certified Fraud Examiner (CFE, since 2018). He is in charge of the CaixaBank MISP instance interconnection with other financial sources and the exploitation of the Cyber Threat Intelligence information data sources.

Andrea Mastrigli

Andrea Mastrigli is Head of Business Continuity, Global Resilience and Crisis Management at Intesa Sanpaolo since 2021. In this crucial role, he is responsible for the supervision of Business Continuity issues and the effective and efficient management of critical IT security and business continuity events that take the form of Complex Accidents, Emergencies or Crises, in order to guarantee and continuously strengthen the Group’s resilience in the face of events adverse. He is also responsible for the obligation to notify the Authorities of serious incidents according to the regulatory requirements. Whit the reference of the COVID-19 Emergency, he supports the Intesa Sanpaolo Emergency Unit for the management at Group level. Before that, he was responsible in UBI Banca for “Cyber and Business Resilience” where he had been dealing with the coordination of the corporate structures of Security Operation Center & Treath Intelligence, Business Continuity Management and Incident Handling, taking care of the evolution and maintenance including Cyber Resilience, Cyber Adversary Simulation, Evolution Models for Business Impact Analisys, Treath Intelligence Evolution & Intelligence Lifecycle, Security Adjustement for Regulatory Areas Implementation of Proactive System for Security Operation Center with technological and organizational solutions.

Rossen Naydenov

Rossen is a Network and Information security expert, focusing on cyber security in Critical Sectors, specifically in Finance. Areas of expertise include Cloud Computing, Big Data and emerging technologies like IoT, Blockchain. He works within the ENISA Policy Development unit, conducting research on topics like security measures, incident reporting and policy implementation. He has more than 15 years of experience in information security collected from various positions in his career. 

Maria Papaphilippou

Maria Papaphilippou is a Cybersecurity Officer at ENISA, the EU Agency for Cybersecurity. At ENISA, she is currently involved in the Health and Finance sectors. In the past, she held positions within the Big4 and the financial sector, which included Advisory and Consulting, Information Security and Information Systems Audit. Maria holds a BSc in Computer Science from the University of Piraeus, Greece, and a MSc in Network Centred Computing from the University of Reading, UK.

José Francisco Ruiz

Mr. José Francisco Ruiz is a senior cybersecurity consultant and technical project manager at Atos. He obtained his bachelor degree and Master Thesis degree in Computer Engineering from the University of Malaga in 2008 and 2012 respectively and is currently finishing his PhD focused on cybersecurity engineering. He has been working in European research projects from more than twelve years in different organizations across Europe. He has lead cybersecurity research activities and act as technical project management in many different projects, among others in FP6 Serenity (security and dependability for AmI), FP7 SecFutur (security engineering for systems of systems), Coco Cloud (security in the cloud), and several H2020 projects. He has been technical project coordinator of the H2020 VisiOn project (security and privacy for public administrations) and is project coordinator of the H2020 project FISHY (cybersecurity for supply chain). Previously he was project coordinator of the H2020 project SMESEC (cybersecurity for SMEs). Additionally, he led the research and creation of a cybersecurity agenda for collaboration of Europe and Japan in the H2020 EUNITY project. His interests include cybersecurity engineering, cybersecurity in the cloud, data protection, and distributed systems. He has also several publications in national and international conferences, journals and books and has served in organization committees and as reviewer in different conferences and workshops. Finally, he is a member of the “Expert Community” of Atos in the cybersecurity domain, and the scientific and innovation committee of ECSO together with being co-chair of the “cybersecurity for verticals” sub-working group.

John Salomon

John Salomon is an information security technology, risk management, and leadership professional with over 20 years experience in financial services, healthcare, and other critical infrastructure sectors. He is based in Spain, and currently manages the activities of FS-ISAC in continental Europe, the Middle East, and Africa.