Members-only Seminar on Vulnerability Assessment

The 7th LAC4 members-only seminar, led by Sangsoo Jeong, joining from Seoul through the cooperation with CAMP and KISA, and expert Priit Kaup, focused on strengthening national approaches to Vulnerability Management and Assessments.

The session highlighted the vulnerabilities specific to the public sector, the limitations of traditional frameworks like the Common Vulnerability Scoring System (CVSS) and the risks posed by blind spots in existing assessment methods. Participants reviewed real-world case studies, including unauthorised transfers in Mexican banks, to understand practical implications and lessons learned. The session also introduced a new methodology combining CVSS with the Exploit Prediction Scoring System (EPSS).

The second part of the seminar examined the importance of adopting a risk-based methodology, assessing vulnerabilities according to business impact and prioritising the most critical assets. Participants learned about the need for clear asset ownership, management support and the use of simple, meaningful metrics to track exposure and progress. The session also covered the common challenges of keeping a clean asset inventory and introduced practical methods for developing a reliable one.

Overall, the seminar provided LAC4 members with a comprehensive overview of public-sector vulnerability challenges, real-world incidents and the limitations of traditional assessment frameworks. It also emphasised the value of a risk-based methodology, clear asset ownership and practical tools for maintaining an accurate asset inventory.

Most important takeaways from the seminar:

  • Adopt a risk-based approach to vulnerability management, prioritising assets according to business impact and potential threat.
  • Establish clear asset ownership and ensure management support to maintain an effective vulnerability management programme.
  • Use practical tools and methodologies for scanning, analysis and detection of vulnerabilities across networks and critical systems.
  • Prioritise remediation efforts on the most critical vulnerabilities, especially in government and critical infrastructure environments.
  • Build and maintain accurate asset inventories, including shadow IT, cloud resources and legacy systems, using both automated and manual methods.
  • Apply structured workflows and automation for patching and remediation, with compensating controls when immediate fixes are not possible.
  • Management support is vital for a well-functioning vulnerability management programme.
  • Understand public-sector challenges and the limitations of traditional frameworks like CVSS.
  • Leverage new methodologies such as the combination of CVSS and EPSS to improve detection, prioritisation and response.
  • Learn from real-world cases and simulations to bridge theory with practical application, enhancing overall cyber resilience.
  • Shift from reactive to proactive strategies, integrating vulnerability assessment into broader cyber risk management practices.

LAC4 remains committed to supporting its members in enhancing their capabilities to identify, assess and mitigate vulnerabilities in critical systems. The seminar was attended by 170 stakeholders and policymakers from LAC4 Participant Nations. It was specifically designed for cybersecurity stakeholders and policymakers from LAC4 member countries, including Antigua and Barbuda, Colombia, the Dominican Republic, Ecuador, El Salvador, Guatemala, Honduras, Panama, Uruguay, the Bahamas and members of RedCLARA.

