The Telecom Security Forum gathered national authorities and telecom regulators around a busy agenda covering the role of telecom sector in the Ukraine crisis, policy topics like the 5G toolbox and Open RAN, technical topics such as the Flubot mitigation and SS7 interconnection attacks, and future technologies like quantum satellites and post-quantum cryptography. More than 150 participants attended this year’s edition of the Forum.
In addition to the Forum, ENISA also hosted the 37th meeting of the ECASEC Expert Group (European Competent Authorities for Secure Electronic Communications), as well as meetings of the NIS Cooperation group for core internet and digital services, and the 5G cybersecurity group, responsible for the EU 5G toolbox. On Friday, ENISA organizes a knowledge-building seminar for authorities on 5G security and telecom attacks.
The ENISA telecom security forum in a nutshell
In the first session, experts from ENISA, RIPE NCC and the Dutch telecom operator, KPN, gave their perspective on the observed cybersecurity threats and incidents during the Ukraine crisis and focused on the role of the telecom sector. In this session, Ericsson also discussed security issues in 5G networks.
The policy session focused on the recently adopted NIS2 proposal: The European Commission (DG CONNECT) gave an update on NIS2 and its impact on the telecom sector. A panel discussion followed with representatives from ENISA, the Dutch Radiocommunications Agency, Deutsche Telekom, Vodafone and the European Telecommunications Network Operators' Association (ETNO), analysing the NIS2 perspectives and challenges.
The Belgium Centre for Cybersecurity also shared their experiences and initiatives regarding active cyber-protection.
ENISA presented the 5G Security Controls Matrix, a tool for security controls implementation and assessments by regulatory authorities and mobile network operators. ENISA will consult the interested parties on the Matrix before the end of this year.
Strand Consult opened the Open RAN session, giving their perspective. The panellists from EU 5G Toolbox initiators and representing 5G suppliers (CISCO, Ericsson) and providers (KPN) debated on both the opportunities and security considerations of Open RAN following the Commision’s publication.
The technical session focused on security challenges of fog and edge computing, virtualized networks and signalling systems (SS7, Diameter). There were contributions from the Hellenic Mediterranean University, the ETSI Technical Committee for Cybersecurity, ETSI TC CYBER, ENEA Adaptive Mobile Security and POST Luxembourg.
Quantum technologies and post-quantum cryptography were the central topics of the presentations from the Emerging & Disruptive Technologies Department of DG CONNECT and French cybersecurity agency ANSSI. The Belgian telecom operator Proximus described their experience with the telecom specific SMS malware, Flubot.
To finish the 2022 Telecom Security Forum, ENISA, gave a sneak-peak of the telecom’s incidents statistics for 2021, ahead of ENISA’s Annual Report, due to be published by the end of July, and presented ENISA activities in this field.
The 2021 Annual Report for telecom security incidents contains reports of 168 incidents submitted by national authorities from 26 EU Member States and 2 EFTA countries.
ENISA will continue to work with the Member States and the sector to address emerging cybersecurity challenges and regulatory initiatives.
The presentations given by the experts during the forum will be available shortly: ENISA Telecom Security Forum - Agenda
Established in 2010, the ENISA ECASEC expert group, formerly known as the ENISA Article 13a group, consists of about 100 experts from national telecom security authorities from all EU countries, the EFTA countries, and EU candidate countries. The group exchanges information and good practices on telecom security. It produces policy guidelines for European authorities on the implementation of EU telecom security rules and publishes an annual summary report about major telecom security incidents. Check out the ENISA ECASEC EG portal, and https://www.enisa.europa.eu/topics/incident-reporting/for-telcos, where you can find the most recent publications and information about the group.
For questions related to the press and interviews, please contact press(at)enisa.europa.eu
Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!