This workshop introduces Early Warning Intelligence (EWI), a predictive approach that orchestrates cyber defence by anticipating threats before
they materialize. Incorporating structured analytical techniques, we will explore four distinct methodologies for constructing an EWI system:
profile-driven, correlation-guided and hypothesisdriven research approaches and probabilistic attack trees, drawing from practical examples and previously published works.

This workshop will not only dissect these methods but will also argue for the integration of temporary countermeasures—a concept introduced to adjust
cyber defence dynamically in response to elevated threat levels. Examples include tweaking rate limits and bot scores, configuring increased resources,
and temporarily disabling features to mitigate impact, showcasing a shift from static to adaptive security postures.