ETIS Members share Security Best Practices at KPN
Tuesday 23 June 2015
Posted by: Fred Werner
The second ETIS Information Security Working Group meeting of the year was kindly hosted by KPN in Amsterdam on 18-19 June 2015. This event was well attended by 37 participants representing the following companies: A1 Telekom Austria, BT, Deutsche Telekom, KPN, Manx Telecom, NOS, Proximus, Swisscom, TDC, Telecom Italia, Telefonica, Telenor, Vodafone, Detecon, Ericsson, Fortinet, Oracle, Praesidium Services, Symantec, TNO and ENISA.
The objective of this meeting was to share knowledge and best practices in terms of current challenges that impact the Information Security environment. During the first day, the presentations focused on Information Security Governance Strategies, Implications of http 2.0 & SPDY in Security, ENISA Cyber Exercise User Cases and SS7 Vulnerabilities. The second day was filled with presentations covering 4G Security, Cloud & Product Security Requirements, hacking demos and updates on a number of ETIS projects. The group also conducted three surveys on 4G Security, SS7 Vulnerabilities and Cloud security which generated some unique insights for the discussion sessions. The meeting was also preceded by an ETIS Information Security Benchmarking Workshop run by TNO.
An update on the status of the ETIS Threat Intelligence Sharing Pilot Project was also presented to the Members. The project is well underway with Proximus, KPN, A1 Telekom Austria and Swisscom now actively sharing automated threat intelligence. The final results of the pilot will be presented in October at which point all ETIS Members will be invited to connect to the platform. Last but not least, ETIS will be offering a Network Devices Reverse Engineering Course hosted at KPN on June 30 – July 2 in Amsterdam.
The next meeting of the Information Security Working Group will take place on 15-16 October 2015 in conjunction with the annual ETIS Community Gathering in Copenhagen.