Technology, networks and society are moving forward at a rapid rate. Technologies are evolving more and more rapidly. ICT networks are in a permanent change of states with known devices connected, unknown things and applications connecting, other disconnecting, with network functions being virtualized, new services being added, services being segregated, services being discontinued, etc. 

These changes in technologies impact society while user behaviours are also in constant evolution.
This track discusses how such rapid rate of change affects the security of networks, devices and users, and how does security keep pace.

Objectives of this session:

  • To find common challenges across the breadth of technology in staying secure in an evolving landscape
  • To recognise best practice in different technologies of how security can keep pace with rapid change, finding the benefits and limitations in replicating these approaches across industry
  • To identify more immediate technical challenges that will arise in the next year
  • To explore the incentives for developing, deploying and adopting security
  • To understand how best to address these immediate challenges and how what we do now will impact the future

Target audience:
Attendees with either technical and policy backgrounds will find value in these sessions, from government, industry or academia.

  • AGENDA 20 June 2019
  • 9:00
     

    Thread introduction: Presentation of Topic, Problematic and Structure of the Day
    Alex Leadbeater, ETSI TC Cyber Chairman, BT

  • 9:10 SESSION 1 : 5G Networks, chaired by Alex Leadbeater, ETSI TC Cyber Chairman, BT
  •  
     

    5G networks will have to support rapid and frequent changes due to virtualization, edge computing, cloud technologies, IoT devices and different verticals relying on 5G networks. This session will discuss how security of 5G networks keep pace with such rate of change.

  • 9:10
     

    5G and Other Stories: Evolving Security in an Evolving World
    Steve Babbage, Vodafone

  • 9:30
     

    5G Providing the Secure Platform for Digitalization of Enterprises and Society
    Mats Nilsson, Ericsson

  • 9:50
     

    Suppliers and Manufacturers views of 5G Security 
    Marcus Wong, Futurewei

  • 10:10
     

    5G Security Challenges for Verticals - a Standards View
    Anja Jerichow - Ali Rezaki, Nokia Bell Labs

  • 10:30
     

    Coffee, Posters & Demos

  • 11:15 Session 2: IoT Devices and Services (part 1), Session Chair Dominique Lazanski, Last Press Label
  •  
     

    IoT devices and services are updated very frequently to enhance services and security. This session will discuss how security can keep pace with such dynamic IoT environment, the impact on certification and conformance models and new dynamic security solutions on the horizon with future secure elements.

  • 11:15
     

    The Value of Security and Privacy Signals in Improving the IoT Ecosystem
    Steve Olshansky, the Internet Society

  • 11.35
     

    Challenges in Securing the IoT in a Post Quantum World 
    Louis Parks, SecureRF Corporation

  • 11:55 Lunch, ETSI Explainers, Posters & Demos
  • 12.10
    12:40

    ETSI Explainer (amphi Athena)
    Introduction on Security and Access Privileges in oneM2M Release 3 - Enrico Scarrone, oneM2M

  • 12:40
    13:10

    ETSI Explainer (Amphi Athena)
    SmartM2M IoT Security - Scott Cadzow, STF 547

  • 14:00 SESSION 2 : IoT Devices and Services (part 2), Session Chair: Stacie Hoffmann, Oxford Information Labs
  • 14:00
     

    Panel Certification of Components
    Moderated by Stacie
    Hoffmann, Oxford Information Labs
    How can you certify the security of an IoT device that is changing regularly, which security conformance frameworks/models to adopt when IoT products and services are updated very frequently etc)

    • Arman Aygen, UL
    • John Moor, IoT Security Foundation
    • Stéphane Mouille, Eurosmart
    • Sylvie Wuidart, ST Microelectronics
    • Eric Vetillard, NXP
  • 14:50
     

    Integrated SIMs – The next after Embedded SIM
    Stephan Spitz, Secure Thingz / IAR Systems

  • 15:10
     

    SIMs, eSIMs and Secure Elements: Providing a Roadmap to Dynamic Security and Flexible Control for Connected Devices
    Remy Cricco, SIMalliance

  • 15:30
     

    Coffee, Posters & Demos 

  • 16:00 SESSION 03: Changing Cryptography, Session Chair: Mark Pecen, TC QSC ChairmanApproach Infinity
  •  
     

    This session will discuss the latest and future changes in cryptography and public key infrastructures (PKIs), which are critical to online security, changing rapidly due to several industry trends and needing to prepare for the advent of quantum computers.

  • 16:00
     

    Maintaining Trust in PKIs: Trends and Updates
    Timothy Hollebeek, Digicert

  • 16:20
     

    An Overview on NIST Post-Quantum Cryptography Standardization
    Lily Chen, NIST

  • 16:40
     

    Cryptography Migration Strategies for Certificates and Communications Protocols
    Erik Andersen, Andersen’s L Service

  • 17:00
     

    Hybrid-Key Exchanges as an Interim-to-Permanent Solution to Cryptographic Agility
    Matt Campagna, Amazon Web Services

  • 17:20
     

    Networking Cocktail

  • Agenda 21 June 2019 (Morning)
  •  
     
  • 9:00 SESSION 04: Security of Hardware and Software Development, Session Chair : Charles Brookson, Zeata
  •  
     

    This session intends to detail how to ensure secure development, update, and deployment of software, how hardware keep up with the rapid change in security needs, how it affects the hardware development, upgrade and deployment and how to ensure supply chain integrity.

  • 9:00
     

    Hardware Security, including Latest R&D
    Ed Montgomery, Queens University of Belfast

  • 9:20
     

    For the Supply Chain in the Aircraft
    Stéphane Chopart, Airbus

  • 9:40
     

    Using Deception to achieve Continued Technical Assurance
    Alex Tarter, Thales UK

  • 10:00
     

    Trusted Computing and Slicing in the Dynamic Environment
    Ian Oliver, Nokia Bell Labs

  • 10:20
     

    Coffee & Networking Break

  • 11:00 SESSION 05: The Human Factor, Session Chair : Bruno Von Niman, VonNiman Consulting
  •  
     

    More and more cyber-attacks affect consumers. Service/product providers or employers request their users or employees to update security parameters (e.g. passwords) or to follow strict security procedures. How do human beings keep up? in particular:

    • How can technology enable users to improve security while remaining user friendly and user acceptable? (e.g. there are better ways to authenticate users than requiring them to remember 100 different passwords)
    • Awareness and education of consumers to keep up with such rapid technology life-cycle
    • Security skills development for the product builders
    • How to find the right balance between security features and human acceptability
    • How to give people more control of their data; how data is shared and who it is shared with
    • How those changes affect privacy and trust
  • 11:00
     

    Managing Information Security in an Economic Warfare Context
    Quentin Gaumer, Amazon Web Services 

  • 11:20
     

    Continuous Auditing Certification
    Dorian Knoblauch, Fraunhofer Fokus

  • 11:40
     

    Behavioural Aspects of Cybersecurity
    Thomas Schlienger, TreeSolution Consulting GmbH

  • 12:00 Thread wrap up and ETSI Security Week Conclusions Alex Leadbeater, TC Cyber Chair, BT
  •  
     
  • 12:20 Final ETSI Security Week Lunch Break 
  • Charles Brookson, Zeata
  • Sonia Compans, ETSI
  • Slawomir Gorniak, ENISA
  • Alan Hayward, NCSC
  • Dominique Lazanski, Last Press Label
  • Alex Leadbeater, BT & TC CYBER chairman, PC Chair
  • Andreas Mitrakas, ENISA
  • Kirsty Paine, NCSC
  • Mark Pecen, ISARA
  • Matthias Schneider, Audi & TC HF chairman
  • Claire Vishik, Intel
  • Stacie Walsh, Oxford Information Labs
Any Questions? Contact us