Session I: 30 October 2023, 14:00-16:00 CET (online)
Session II: 6 November 2023, 14:00-15:30 CET (online)
The training is open to the members of the EDMO Network.
EDMO is pleased to organise a training module on the DISARM Frameworks developed by the DISARM Foundation and promoted widely by Alliance4Europe and others within the counter-disinformation community including in the context of the Taskforce of the 2022 Strengthened Code of Practice on Disinformation. DISARM provides open-source frameworks for fighting disinformation through sharing data & analysis and coordinating effective action. Further training modules that provide a deeper dive on the manipulative behaviours and TTPs (Tactics, Techniques, and Procedures) employed by malicious actors in the context of disinformation will be organized by EDMO in the future.
The DISARM Red Framework of disinformation behaviours draws on the Mitre ATT&CK Matrix used extensively within the cybersecurity community. It is intended for analysts, researchers, decision-makers and communicators, from whichever discipline or sector, to gain a clear shared understanding of disinformation incidents and to immediately identify defensive and mitigation actions from the DISARM Blue Framework that are available to them. The two-part training for the EDMO community of stakeholders aims to provide a starting working knowledge of the DISARM Frameworks and will introduce participants to:
- The purpose, scope, and evolution of the DISARM Frameworks
- How to define the objects used and understand their relationships
- Some actions adversaries can take to mount influence campaigns
- Some actions defenders can take to pre-empt or mitigate adversary campaigns
- How to use the DISARM Tools to navigate the frameworks
- How to tag reports with DISARM TTPs to share with others
- How to tag reports with DISARM counters to share with others
- How to use DISARM to make recommendations in disinformation reports
There will be two sessions, spaced one week apart. Prior to the first session participants will be sent an Introductory Guide to the DISARM Frameworks and links to some disinformation reports that will be used in the training course. Participants will be expected to read these materials prior to the first session.
The first session will cover the topics in the above list. Participants will be given homework which will involve using the DISARM tools to tag a disinformation report and answer questions about the report. This homework can optionally be based upon research or reports that the participants themselves are currently working on or have worked on in the past. The second session will review the homework, provide answers, and provide participants an opportunity to ask questions and to discuss their experience using the DISARM Frameworks and Tools.
Meet your Trainer
Stephen H. Campbell is an information technologist and security analyst specializing in digital influence, cyber threat intelligence, asymmetric warfare, and risk mitigation. As founder of Non-State Threat Intelligence, Chief Technology Officer of the DISARM Foundation, and advisor to eosedge Legal, he encourages clients to take an intelligence-led and collaborative approach toward assessing and mitigating the risk of digital manipulation, cyberattacks, and violent extremism. For details see https://www.linkedin.com/in/stephencampbell/.