Restaurant: "Restaurant & Pizzeria Lucca Due
" - Haarlemmerstraat 130, 1013 EX Amsterdam, Netherlands
Link: https://maps.app.goo.gl/rbKWHRABEz69pXCD9
Every participant prepares a short, 10 min input on recent challenges, threats, incidents, projects, and future plans in their organisations and especially SAW departments.
Participants are also invited to share what expectations they have from our 2-day meeting.
• Altice Portugal
• Deutsche Telekom
• Elisa
• Fastweb
• Huawei
• KPN
• Proximus
• Swisscom
• Vodafone Germany
In this workshop (continuation of the work stream from the Prague meeting) telco SAW professionals will share insights and practical experiences on implementing the NIS 2 Directive.
The focus will be on managing internal threats: conducting impactful security awareness training, fostering a culture of accountability, enforcing robust internal policies, and leveraging simulations to prepare for real-world scenarios.
Participants will have the opportunity to discuss challenges, exchange best practices, and collaboratively identify innovative solutions to enhance resilience against internal cyber risks while ensuring compliance with NIS 2 requirements.
Members from telecom operators who have experience from the legislation being adopted in their countries or in countries where there organisation has subsidiaries, are invited to prepare a presentation.
- Presentation slot #1: tbc, 15'
- Presentation slot #2: tbc, 15'
- Q&A session, 15'
- Workshop time: 2 groups, 45 min
The 2 groups from the morning session will come together as 1 and present the outcomes from their workshop.
- Presentation of approach and conclusion in each group, 10' each
- Identification of priorities and common goals, 10'
- Drafting a list of recommended actions for each telecom operator in Europe.
- Post-Meeting action: List to be circulated to 20+ other operators that are members of ETIS, for further input.
Group members focusing on development of KPIs for SAW programmes met in Prague (June) and in a webinar on 5th November this year. The product of the webinar was a list of best practices.
In this Session, we will focus on expanding and improving that list (Shared on OneDrive).
Introduction (and moderation) will be done by Marcus Bayer (Swisscom), 15'
Workshop involving all participants:
- Category (Efficiency; Quality; Acceptance; Change of Behavior; Campaign Reach)
- KPI-name (e.g. NPS, click rate, …)
- Specification (How it works)
- Benefit (Why it's useful)
Next step: Specification of the objectives and determination of the further course of actions
"Sea Palace Restaurant": Oosterdokskade 8, 1011 AE Amsterdam, Netherlands
https://maps.app.goo.gl/LBnJcoveT4wvHHJc8
A Chinese Restaurant with fantastic food set in a traditional style Asian house.
Presentation proposals from telcos and suppliers are welcome in this session.
You are invited to bring a 20-min max. long presentation.
- "The 4A security strategy in KPN: Adaptive, Automate, Aware and Assure", by Vladimir Cibic, CISO, KPN, 15' + Q&A
- "The New Security Mandate in Fastweb", Raoul Brenna, Fastweb, 15' + Q&A
- Presenter #3 - TBC, 15' + Q&A
During the founding meeting in Prague, the group decided to create a "Marketing-Kit to strengthen resilience of an organization".
The Security Awareness Task Force will split into 2 groups during this session to start drafting this Kit.
In the next ETIS Gathering in Athens, Greece, in June 2025, the focus will be on Resilient telcos - where the announcement of the outcome of this group work can be made and perfected.
KEY STARTING POINTS:
Purpose and Goals: Why security awareness is critical for telecom operators.
Target Audience: Brief personas (e.g., employees, contractors, management).
Scope: Focus on cybersecurity threats specific to telecoms (e.g., phishing, insider threats, data breaches).
GROUPS:
Group A: Content Creation Team.
Group B: Strategy & Deployment Team.
Slot reserved to complete the guideline started on Day 1 (if needed).
How to standardize foundational cybersecurity rules for employees across their organizations? Let's discuss.
Participants are incentivised to start creating a practical, ready-to-implement framework. A version that can later be shared with other operators in ETIS.