ETSI’s annual flagship event on Cyber Security returned in 2022 from 3rd to 5th October, in ETSI, Sophia Antipolis, France.


We were excited to announce the return to a face-to-face format for the event, scheduled to coincide with Cyber Security Month 2022.

The ETSI Security Conference 2022 (previously ETSI Security Week), running over three days, debated EU and Global Cyber Security Regulation, Policy, Security Innovation and Standardisation.

Each day focused on a dedicated theme:

  • Day 1: Global Regulation and Certification Landscape
  • Day 2: Security Verticals
  • Day 3: Technology Day – (Horizontals & Toolboxes)

Agenda topics included: 5G, AI, Cyber Security Act (CSA), IoT / Connected Device Security, Post Quantum and Co-ordinated Vulnerability Disclosure (CVD). 

The event also featured a series of demos and poster sessions.

Meet & Network with the Community!

This face-to-face event provides an exceptional opportunity for the security community to come together to exchange with experts, network with peers, and share facts and opinions around the subject of cybersecurity standardization.

If you missed the last edition of ETSI Security event (ETSI Security Week 2019) held in Sophia Antipolis, watch the interviews and feedback in our video filmed during the event in our HQs.


For 2022 we have established a media partnership with CyberSecurity Magazine, a prominent media outlet connecting industry experts and scientists from the cybersecurity area. You will find extensive coverage of the event in the mag.

Please find below the agenda of the ETSI Security Conference:

  • 3 October 2022 - Global Regulation and Certification Landscape

    9.00: Opening Address, Chair Welcome, Alex Leadbeater, Chair ETSI TC CYBER

    9.05 - 09.30: Introduction and Setting the Scene Session

    • Luis Jorge Romero, ETSI
    • Cinzia Missiroli, CEN CENELEC
    • Andreas Mitrakas, ENISA

    09.30 - 11.15: Regulatory Global Landscape Session, chaired by Alex Leadbeater, Chair ETSI TC CYBER

    • 9.30:  EU Cyber Resilience Act
      Maika Fohrenbach, European Commission

    • 9.45: Germany View on Legislation
      Dennis Kügler, BSI

    • 10.05: View from India: National Security Council
      G.Narendra, NSC

    • 10.25: The State of CyberSecurity Policy in the US
      Curtis Dukes, CIS

    • 10.45: UK View: Telecoms Security Regulations (TSRs)
      Gerry McQuaid, Ofcom

    • 11.05: Q&A

    11.15 - 11.40: Networking Coffee Break including demos & posters

    11.40 - 12.40: Global Regulation Landscape Panel Session, chaired by Sławomir Górniak, ENISA

    This session will discuss EU and Global Cyber Security regulation landscape including Cyber security Act (CSA), Cyber Resilience, AI and NIS2. 


    • Samim Ahmadi, ETSI TC CYBER Vice Chair
    • Curt Dukes, CIS
    • Dennis Kügler, BSI
    • Gerry McQuaid, Ofcom
    • Andreas Mitrakas, ENISA

    12.40 - 13.40: Networking Lunch including Demos & Posters

    13.40 - 15.10: EU Certification (At Regulation Level) Session, chaired by Jean-Pierre Quémard, KAT

    This session will explore EU Certification from a regulation perspective and progress on initial schemes. 

    • Eric Vetillard, ENISA
    • Christin Hartung-Kümmerling, BSI
    • Lionel Agulhon, Serma

    15.10 - 15.35: Networking Coffee Break Including Demos & Posters

    15.35 - 18.00: Eco Security Challenges Session (in a world of Climate, Supply Chain, War, Infiltration and Pandemics), chaired by Alex Leadbeater, Chair TC CYBER

    The session will explore wider security related environmental and supply chain aspects.

    • 15.40: Meet Your Green Data
      Kirsty Paine, Splunk

    • 16.05: Nation State Threats and Supply Chain Risk for The Telecom Sector
      Patrick Donegan, HardenStance

    • 16.30: Android Mobile Security Landscape
      Dave Kleidermacher, Google Inc

    • 17.00: Risk & Conformity Assessment of Supply Chain Services
      Nineta Polemi, University of  Piraeus, Cybersecurity Research Lab

    • 17.25: Operationalizing Software Transparency and SBOMS
      Eliot Lear, Cisco

    • 17.50: Q&A

    18.00: Day 1 Closing Remarks

    18.00 - 19.30:  Networking Event

  • 4 October 2022: Security Verticals

    9.00 Opening Address, Alex Leadbeater, Chair ETSI TC CYBER

    9.05 - 9.30: IoT Keynote Presentation: Lim Soon Chia, Cyber Security Agency, Singapore (CSA)

    9.30 - 11.00: IoT Security Session chaired by Samim Ahmadi, Umlaut

    The session will discuss IoT Security and Certification including EN 303 645 eco-system.

    • 9.30: From Standards to Legislation: the UK Experience
      James Deacon, DCMS

    • 9.50: Secure By Design – How Cyber Security Testing of IoT is Evolving
      Jonathan Marshall, SafeShark

    • 10.05: Testing the Cybersecurity of the Internet of Things as Market Surveillance Authority with the Help of EN 303 645
      Gürkan Kirca, Agentschap Telecom NL

    • 10.20: EN 303 645 in Practice - a Manufacturer's View
      Helene Sigloch, Bosch/BSH-Group

    • 10.40: SESIP (JTC013): Scheme Overview, Objectives and Relations and Complementarities with Other Schemes (e.g. EN 303 645)
      Eve Atallah, NXP

    • 10.55: Session Closing Remarks: Future ETSI Activities on EN 303 645 and Related Verticals
      Samim Ahmadi, Umlaut

    11.00 - 11.30: Networking Coffee Break including demos & posters

    11.30 - 12.45: IoT Industry Verticals Session, chaired by Scott Cadzow, C3L

    This session will explore security of IoT verticals such as connected health, cars, smart cities and energy management.

    • 11.30: The challenge in Moving from Horizontal Standards to Vertical Domains
      Scott Cadzow, C3L

    • 11.50: EC 62443 Certification. A growing Recognition in the Industry & Energy Ecosystems
      Jerome Hamel, Head of Cybersecurity Technical Governance & IEC 62443 evaluation/certification Team leader.

    • 12.10: ML Aided Lightweight Authentication for Internet of Vehicles Network
      Haitham Cruikshank, University of Surrey

    • 12.30: Traffic Data and Vehicles as IoT Sources
      Massimiliano Masi, Autostrade Per l'Italia and Tommaso Scubla

    12.45 - 13.45: Networking Lunch including Demos & Posters

    13.45 - 15.45: 5G & Associated Eco-Systems Session, chaired by Alf Zugenmaier, NTT DOCOMO / HM

    This session will explore the latest status of 3GPP 5G standards, industry verticals, and Intelligent 5G Network Edge. 

    • 13.45: 5G Keynote:  Overview of the Direction of Mobile
      Adrian Scrase, ETSI CTO

    • 14.05: 3GPP Overview Presentation including 3GPP SA3 Security
      Suresh Nair, 3GPP SA3 Chair, Nokia

    • 14.30: Status Update on the Results and Dilemmas in 5GMRR to Define a Secure Solution for 5G SA Roaming
      Sven Lachmund, Deutsche Telekom AG on behalf of Peter Veenstra, Netnumber

    • 14.50: 5G Security Compliance - Impacts and Opportunities for Cloud Providers, Private Networks and Mobile Operators
      Silke Holtmanns, PwC

    • 15.10: Integrating Trust and Attestation in 5G, ORAN and Edge Computing
      Ian Oliver, Nokia

    • 15.35: Q&A

    15.45 - 16.15: Networking Coffee Break Including Demos & Posters

    16.15 - 17.55: Mobile Device Certification Session, chaired by Davide Pratone, Huawei

    This session will explore the certification of mobile devices. 

    • 16.15: GSMA Security Certification Activity and Synergies (NESAS, E-UICC and DSG)
      James Moran, GSMA

    • 16.55: TC CYBER Status of 103 732
      Kai-Fan Chang, TC CYBER, SGS

    • 17.15: Protecting Private Networks and Subscribers’ Privacy by the Capabilities of the 5G SIM
      Benoît Collier, TCA Board Member

    • 17.35: Side Link and Relay Security
      Marcus Wong, Oppo

    17.55: Day 2 Closing Remarks

    18.00 - 19.00: Networking Event

  • 5 October: Technology Day : Horizontals & Toolboxes

    9.00: Opening Address: Chair Welcome, Alex Leadbeater, Chair ETSI TC CYBER

    9.05 - 10.30: In-Life Security Vulnerability and Risk Management Session, chaired by Tony Rutkowski, CIS

    This session will explore security technology such as AI, distributed ledger and software bill of materials. 

    • 9.05: Coordinated Vulnerability Disclosure (CVD): ETSI GSMA and 3GPP programs
      Sonia Compans, ETSI  - Alf Zugenmaier, 3GPP & GSMA

    • 9:25: ICS4ICS - Strengthening the Response to Cyber Incidents in Critical Infrastructure by Leveraging Established Emergency Frameworks
      Matjaz Demsar, Siemens and Lukasz Kister, Woodward

    • 9.45: CVD (Coordinated Vulnerability Disclosure): the Perspective of a Telco Vendor
      Luca Bongiorni , ZTE

    • 10.05: The ISG PDL Approach to Auditability and Automated Enforcement
      Diego Lopez, Chair ETSI ISG PDL, Telefonica

    • 10.25: Q&A

    10.30 - 10.55: Networking Coffee Break including demos & posters

    10.55 - 13.00: Security Research Session, chaired by Björn Fanta, Fabasoft

    This session will explore global and EU security research topics linked to EU horizon and rolling plan. 

    • 10.55: Opening Remarks  

    • 11.00: IRIS: a Framework for Enhancing CERTs & CSIRTs Collaborative Response to Cyberattacks 
      Rene Serral, IRIS Project, UPC

    • 11.20: MEDINA Project
      Björn Fanta, Fabasoft

    • 11.40: AI Security: Lessons Learned and Recent Advances
      Battista Biggio, University of Cagliari

    • 12:00: AI/ML aided security for Space Robotics Applications in FAIRSPACE Project.
      Haitham Cruickshank, Surrey University UK

    • 12.20: INSPIRE-5Gplus: Vision on Security Beyond 5G
      Antonio Pastor Perales, Telefonica

    • 12.40: Cybersecurity Research Challenge in a Digital and Ultra-Connected Society
      Bruno Charrat, CEA

    13.00 - 14.00: Networking Lunch including Demos & Posters

    14.00 - 15.45: Advances in Cryptography Session chaired by Colin Whorlow, NCSC

    This session will explore the latest advances in Post Quantum and Light Weight Cryptography Scheme. 

    • 14.00: Light Weight Cryptography
      Meltem Sonmez Turan, NIST

    • 14.20: IBE / ABE
      Scott Cadzow, C3L

    • 14.40: Homomorphic Encryption: an Introduction
      Rachel Player, RHUL

    • 15.00: Post Quantum: Current State of Play
      Matt Campagna, Amazon

    • 15.20: Post Quantum Next Steps 
      Peter Campbell, NCSC

    15.45 - 16.00: Event Summary and Closing Remarks, presented by Alex Leadbeater, Chair ETSI TC CYBER

    16.00 - 16.30: Coffee & Networking: End of the ETSI Security Conference 2022

ETSI Headquarters650 Route des Lucioles06560 Valbonne - Sophia AntipolisFRANCE Tel: +33 4 92 94 42 00 Detailed venue information is available here.

  • Samim Ahmadi, Umlaut
  • Charles Brookson, ZEATA Security
  • Alex Cadzow, C3L
  • Scott Cadzow, C3L
  • Peter C, NCSC
  • Mirko Cano Soveri, ETSI/3GPP
  • Sonia Compans, ETSI
  • Slawomir Gorniak, ENISA
  • Alan Hayward, NCSC
  • Alex Leadbeater, BT, Chair TC CYBER, Programme Committe Chair
  • Tieyan Li, Huawei
  • Jean-Pierre Quémard, KAT
  • Davide Pratone, Huawei
  • Tony Rutkowski, CIS
  • George Sharkov, European DIGITAL SME Alliance & SBS
  • Colin Whorlow, NCSC
  • Alf Zugenmaier, NTT DOCOMO / HM 

Attendees had the opportunity to visit the following demos and posters during the networking breaks:

  • Demo: Use of EN 303 645 and in FieldMonitoring
    Presented by Alex Buchan, SafeShark

  • Demo and Poster: Securing AI – Threat mitigation strategy and secure computing platform
    Presented by Hsiao-Ying Lin, Huawei

  • Demo: Testing of CIoT products like smart doorbell, smart camera, smart air monitor, smart speaker against EN 303 645 /TS 103 701
    Presented by Gürkan Kirca, Agentschap Telecom

  • Demo:  Remote Attestation and Forensics
    Presented by Ian Oliver, Nokia

  • Demo: PoC 6 Security SLA assurance in 5G network slices
    Presented by Antonio Agustin Pastor Perales, ETSI ISG ZSM

  • Demo and Poster: AMOE a MEDINA component
    Presented by Franz Deimling, Fabasoft

  • Poster: The Trusted Autonomous Mobility (TAM) Project
    Presented by Francesca Bassi, IRT SystemsX

  • Demo and Poster: Malware as a  cloud service and attacks against AI-based detectors
    Presented by Piotr Zuraniewski, TNO

  • Poster: Applying the EN 303 645 to prevent typical IoT-fails and the role of the norm for country specific certification schemes (e.g. the German BSI IT-Sicherheitskennzeichen)
    Presented by Kevin Heneka, Hensec

  • Demo: Attribute-Based Encryption for Access Control in Cloud Ecosystems
    Presented by Giovanni Bartolomeo, CNIT

  • Poster: On the revision of NIST 800-22 Test Suites
    Presented by Jose Coello & Kataryna Kasia, Cryptalabs

  • Poster: End-to-end Security Framework for Continuous Patient Monitoring and Beyond
    Presented by Damian Vizar, CSEM - Moore4Medical EU project 

  • Demo: IRIS Project: Securing the Smart City’s IoT and Control Systems against Confidentiality & Integrity Breaches
    Presented by Rene Serral Gracia, DAC UPC

Any Questions? Contact us

Recognition & Thanks