Pre-Dinnerfor anyone arriving to Bonn earlier (not-sponsored)
Session 1: "Welcome and Introductions"

- Welcome from the host and Core-team

- Roundtable of introductions including an ice breaker: You are invited to share updates from your company, most recent challenges and initiatives you took, but also what you expect from the 2-day meeting ahead of you.

Session 1: (continuation) "Priority Setting Session and updates on NIS2 and DORA implementation"

What are the biggest BC priorities in your company at this moment?

Can you share and explain why and what would you like to gain from our group - in terms of knowledge to go forward.

Coffee Break
Session 2: "Visit to the DT Security Operations Center & discussions with DT colleagues"

In addition to the agenda focusing on business continuity and crisis management, we will visit the new security operations center of Deutsche Telekom, which controls cyber defense for DT and external customers.

Lunch
Session 3: "Supply Chain SecurityDiscussion on Subcontractors"

Roundtable discussion:

• What kind of security contracts are you establishing?
• How do you manage suppliers – BCM related ones
• What kind of Audits for continuity and disaster recovery do you expect?
• How you manage sub-contractors?
• How you bring all your security controls into the contract? How harmonised?

Session 4: "Increasing the autonomy for the mobile network"

Presentations expected from members related on managing power shortages and similar disruptions.

Coffee Break
Session 5: "Best Practices on using (gen)AI tools in BCM"

Roundtable: Each participants brings experiences from their organisation.

A longer, introduction presentation is welcome.

Session 5 (continuation): "Dependence on Digital Transformation and AI for Incident Response"

Presentation from DT

Dinner in a nearby restaurant (ETIS-sponsored)
Session 6: "Best Practices in Risk Management in European Telcos"

What risks are out there on operational and enterprise levels? Others, less attended to on the aggregate level?

How geopolitical developments affect these?

Members are invited to prepare presentations in advance.

Session 7: Visit to the "Telekom Design Gallery"

In addition to the agenda focusing on business continuity and crisis management, we will visit the T-Gallery, where it is demonstrated how digitalization and networking can support both people and companies in a meaningful way – at home, on the move, in the office, in the store, and in industry.

Coffee Break
Session 8: "Real-Time Incident Management and Communication"
Lunch Break
Session 9: "Defining Impact Models for Incident Management"

Discover telcos define impact models for incident management - We are inviting members of the Task Force to prepare their input.

Short guide, how to prepare your presentation / discussion points:

• Present Your Current Impact Categories: How your organization currently categorizes impacts (e.g., service, financial, reputational, regulatory)
• Talk about team size, being one time or are responsibilities split among more teams
• Dive into Recent Incident Case Studies: Bring examples of recent incidents your team has managed, focusing on the impact on services, customers, and compliance
• Is your approach to the Incident Man. process decentralised or centralised?
• Showcase your Incident Response Metrics: your organization's KPIs for incident response times, recovery objectives (RTO/RPO)
• What is the number of incidents reported internally vs externally (how mature are you in reporting and how do you keep the view on it internally?)
• Mention Critical Services and Dependencies: an outline of your network's most critical services and their dependencies
• Touch upon Regulatory Requirements
• List Current Incident Prioritization Challenges: Identify any pain points your team faces with incident prioritization or classification

Session 9: "Roundtable on topics to be addressed in the future of BC Task Force"

Whiteboard input by all participants