ETIS Information Security in Telecommunications
ENISA workshop on providers resilience
29 October 2009, Paris
Fred Werner, Business Development Manager - ETIS

Mission & Vision
» What is ETIS? ETIS is a membership-based organisation which brings together the major telecommunications providers in Europe on key information and communication technology (ICT) issues.
» ETIS Mission: The mission of ETIS is to enable its members to improve their business performance by personal exchange of information on using ICT effectively.
» ETIS Vision: The ETIS vision is to be the acknowledged best platform for sharing knowledge on the use of ICT in Telcos.

ETIS Pillars of Activity
ETIS Members
» ETIS represents 25 Telecom providers supplying voice, mobile and data services all over Europe.
» Total revenue from ETIS Members was estimated at over 270 billion euro in 2008.

ETIS Partners & Associates
» Associate Members contribute technical competence to our working groups and events and gain feedback on user requirements.
» ETIS Partners are non-profit international bodies with whom we share knowledge on complementary ICT issues.

Information Security Working Group
» What is the ISWG? In January 2004, the Information Security Working Group was established as a follow-up to a meeting at the Global Security Conference in Sophia Antipolis in November 2003. The working group is currently chaired by Andy De Petter from Belgacom and boasts around 30 members from 20 companies. It meets 3-4 times a year and also works through phone conferences, discussion forums, etc.
» Role of the group: The role of the group is to share knowledge and experiences among members concerning Information Security and related matters and, when relevant, provide requirements to the industry, in order to help the members protect their information assets and infrastructure. The group is the only Information Security group to concentrate on the telecom market.

ISWG Topics
Some of the main topics addressed:
» Security Benchmarking
» Resilience, recovery & business continuity management
» Anti-SPAM, Anti-Phishing, Data Retention, Data Privacy
» Security Culture & Information Security Awareness Campaigns
» Identity Management & TOP Level Policy Document (TLPD)
» Value & ROI of Information Security Projects
» Security Governance models
» ebusiness Security
» Revenue Assurance & Financial losses due to security breaches
» Managed Security services
» The threat of terrorism from a Telco's perspective
» Sarbanes-Oxley, compliance and Policy
» IT Network & client Security Architecture
» Security in the Supply chain & trends in Security Outsourcing

ETIS Security Benchmark 2009
Participating Telcos: TDC, Belgacom, KPN, Telecom Italia, Telekom Austria, Turkcell, TeliaSonera and OTE
Objective of the Benchmark: Compare security strategies and approaches among ETIS member companies, thereby enabling these providers to determine which specific aspects of security require attention within their respective organisations.
The following themes are covered:
In-depth themes
1. Corporate Security Function
2. Security Management
3. Commercial role of security
4. Fraud Management
5. Security in the development process
Exploratory themes
1. Business Continuity Management
2. Next generation security readiness
3. Infrastructure security
4. International cooperation

CSF size by security area
[Figure: chart of Corporate Security Function (CSF) size broken down by security area, in FTE per billion EUR revenue, for operators A to H. Security areas shown: Information Security, Physical Security, Fraud Management, Personnel Safety, Lawful Interception, IT & network security, Business Continuity Management, Internal Investigations, Security of products and services, Other.]
Differences in CSF set up reflect the choices each operator has made with respect to incorporating specific security areas.

Business Continuity Plans & NGN Security
» Only half of the benchmark participants have a specific BCM policy in place, but all have Business Continuity Plans. Maintaining coherence in these Business Continuity Plans is a difficult task and testing and exercising them only occurs sporadically.
» Whilst telcos are rapidly embracing Next Generation Network (NGN) infrastructure and services, most of their security units still work with traditional security architectures, baselines and methodologies.

ETIS Anti-Spam Co-operation Group
» The target of the group is to learn and to get feedback on success stories, and to develop tangible action plans for reducing outbound SPAM, accepted and shared among best-in-class antispam ISPs.
» ISPs reduce the ingress SPAM, and so improve their own QoS, by helping others in reducing egress SPAM.
» In this context the ETIS Anti-SPAM Co-ordination Group is the glue for trusting each other, for sharing knowledge, and for developing a common European ISPs Anti-SPAM strategy.
» The most effective best practice is to block port 25.

Turk Telekom's success after blocking Port 25
17 June 2009 Rank: 1
23 September 2009 Rank: 9

TI's success after implementing best practices
The goal of the TI Anti-spam working group, established in 2008, was to get Turk Telekom and Telecom Italia off the top 10 Autonomous Systems published on TrendMicro.
[Figures: TOP 10 Spammer, TrendMicro, 3-04-2008; TOP 20 Spammer, TrendMicro, 14-09-2009]
Both objectives have been reached successfully.

BT's BCM pan-EU Network discussion
» It is too costly for any one operator to build separate ductways etc.
» By pooling resources across a number of network operators, and creating additional resilience in the transport and switching Gateways, a smarter, more secure BCM network could be set up, with each country retaining its own primary routes, therefore not negating any reach advantage of operators.
» Is anyone else discussing this? Any pilot projects under way?

Future plans for the ISWG
» ETIS Security Benchmark 2010
» IMS/VoIP security from a Telco perspective
» Resilience in European e-communication Networks
» Partnerships: ENISA, CIIP European Public-Private Partnership for Resilience, Member of EU expert panel on Data Retention
» Next meetings:
  - 28/29 January, hosted by Bizanga in Paris
  - 20/21 May, hosted by KPN in the Hague
  - 14/15 October, hosted by TeliaSonera in Stockholm

To join the Information Security Group or Anti Spam Task Force contact: Fred Werner, ETIS Business Development Manager fw@etis.org - Tel. +32.477.674.836 - www.etis.org