Sophia Antipolis, France ETSI’s annual flagship event on Cyber Security, the ETSI Security Conference took place from 14 to 17 October 2024, in ETSI, Sophia Antipolis, France.
This exclusive face-to-face event provided an exceptional opportunity for the security community to come together to exchange with experts, network with peers, and share facts and opinions around the most relevant subjects of cybersecurity standardization. The intensive 4-day programme gathered speakers from government agencies, other standards bodies, academia and various industry sectors.
This year's event addressed AI - Impacts of Regulation on Zero Trust and Consumer devices - Societal Impact of Technology- Fraud, Security and Standards Convergence - 5G to 6G - Privacy and Considerations of Employing Encryption Technologies -Transport, Public safety and Critical Communications - Consumer verticals.
Conference Interviews
     |
Day 1 - Monday 14 October
09.30 - 10:15 Check-in and Welcome Coffee
10.15 Opening Messages
- Alex Leadbeater, ETSI TC Cyber Chair
- Jan Ellsberger, ETSI Director-General
- Anthony Brand, ETSI CMO
10:40 SESSION D1-1: GLOBAL CYBER SECURITY
Chaired by Alex Leadbeater, ETSI TC Cyber Chair, GSMA- 10:40 KEYNOTE SPEECH: AI Security: Present State and Future Directions
Rob van der Veer, Software Improvement Group - 11:10 KEYNOTE SPEECH: The State of SBOM
Allan Friedman, Cybersecurity & Infrastructure Security Agency - 11:40 From eUICC to On-Boarding: The Puzzle of Certification of EU Identity Wallets
Eric Vetillard, ENISA
12:00 Lunch & Networking Break - Posters and Demos Visits
13:30 SESSION D1-2: IMPACTS OF REGULATION #1 - Capturing European Values in Technology
Chaired by Björn Fanta, FabasoftThe session will focus on impacts of regulation on products, innovation and technology. It will consider how EU regulation (e.g. AI Act, e-IDAS, RED, CRA, NIS2) and other regional regulations have shaped the global technology landscape. The session will also consider points of friction and gaps between aims of regulation and actual security improvements for products placed on the market.
- 13:30 CERTGRAPH: Applying Knowledge Graphs for Cloud Certification
Stefan Schöberl, Software Competence Center Hagenberg GmbH - 13:50 Estonian Journey Developing and Implementing the National Information Security Framework E-ITS
Mari Seeba, NCSC-EE - 14:10 SBOMs, Asset Management and Vulnerability Management, a Vendor's View
Francois Ambrosini, Huawei - 14:30 Meeting the Challenges of the EUDI Wallet with GlobalPlatform SAM and CSP Specifications
Jean-Daniel Aussel, GlobalPlatform - 14:50 CRA Mapping with EUCC and its Impact on Protection Profiles
Vicente Gonzalez Pedros, ENISA - 15:10 Introducing CYBERSTAND.eu: Supporting EU Experts in Cybersecurity Standardization
Igor Minaev, ETSI
15:25 Coffee & Networking Break - Posters and Demos Visits
16:00 SESSION D1-3: Security for AI and AI for Security
Chaired by George Sharkov, European DIGITAL SME Alliance & SBSThe session will consider AI security from the perspective of securing AI as a generic platform capability. The session will discuss the latest challenges, threats, legislation and approaches to providing secure AI.
- 16:00 Adversarial AI in ICT
Piotr Zuraniewski, TNO - 16:20 AI and Impersonation Fraud: Emerging Threats and Countermeasures
Nicole van der Meulen, SURF - 16:40 ETSI's Role in Standardising the Cyber Security of AI
Issy Hall, Department of Science, Innovation and Technology - 17:00 Can Standards Prevent the Existential Threat of AI?
Scott Cadzow, Cadzow Communications Consulting Ltd - 17:20 Cybersecurity Certification of Artificial Intelligence in Supporting the EU
Corina Pascu, ENISA - 17:40 Enhancing B5G/6G Network Security with Federated Learning in O-RAN
Ioannis Makris, MetaMind Innovations IKE
18:00 - 19:30 Networking Cocktail
Day 2 - Tuesday 15 October
Opening by Alex Leadbeater, ETSI TC Cyber Chair, GSMA
09: 00 SESSION D2-1: Fraud, Security and Standards Convergence
Chaired by Charles Brookson, ZEATAThis session will explore where standards are being driven by fraud and where fraud is driving standards. The session discusses how security and fraud prevention / detection can work more closely. Focus areas to include; 5G, PSD2, eSignature and e-payments.
- 09:00 The Janus Problem – the Challenge of Dealing with Legacy Security Problems While Looking to the Future
David Rogers, Copper Horse - 09:20 The Evolution of Cybersecurity in a 6G and AI-Enabled Hyper-Connected World
Bret Jordan, Afero - 09:40 Joining forces: Cybersecurity and Fraud Management
Peter Allwood, Mastercard - 10:00 Mobile Handset Theft Prevention
Nataliya Stanestky, Google
10:20 Coffee & Networking Break - Posters and Demos Visits
11:00 KEYNOTE SPEECH: Impersonation and Psychological Warfare - Protecting the Children
Galina Pildush, Palo Alto Networks11:30 SESSION D2-2 : Societal Impacts of Technology
Chaired by Alex Cadzow, C3LThis session will explore the societal impact of technology on end users and society. Coercive control avoidance, Metaverse, protection of children, disinformation and protection vulnerable citizens will be discussed.
- 11:30 Is eHealth a Reasonable Standardization Goal?
Suno Wood, EP eHealth Chair - 11:50 A Framework for Supporting the Digital Safety of At-Risk Users
Sunny Consolvo, Google - 12:10 Improving Security by Improving Communication with Individual Consumers
Gill Whitney, ANEC
12:30 Networking Lunch - Posters and Demos Visits
14:00 SESSION D2-3 : Consumer Verticals
Chaired by Hollie Hennessy, OmdiaThe session will explore latest security best practice, challenges and gaps for consumer IoT and other smart devices.
- 14:00 CMDPP Evolution Toward EUCC and CRA
Davide Pratone, Huawei - 14:20 RED Cybersecurity Conformity Assessment Approach and Challenges
Angelo D’Amato, UL Solutions - 14:40 How Global Standardization Efforts are Expanding eSIM Benefits for the Consumer IoT
Cyril Caillaud, Trusted Connectivity Alliance - 15:00 Navigating the Dynamic Landscape of Cybersecurity Legislations, Standards, and Regulations for Embedded Devices (from a provider of measurement instrument perspective)
Kaustabh Debbarman, LAAVAT - 15:20 VDP Accessibility in Consumer IoT
Cedric Levy-Bencheton, Cetome
15:40 Tea & Networking Break - Posters and Demos Visits
16:15 SESSION D2-4: Societal Impacts of Technology
Chaired by Nataliya Stanestky, Google- 16:15 Age Verification the Stakeholders, Solutions, and Standards Landscape
Alex Cadzow, Cadzow Communications Consulting Ltd - 16:35 Is It Trustworthy Enough? Considering Societal Impact in Public Safety Technologies
Katrina Petersen, Public Safety Communication Europe
16:55 Session D2-5: PANEL DISCUSSION: Societal Impacts of Technology
Chaired by Galina Pildush Palo AltoAs the technology train of innovation is accelerating at unprecedented speeds, we as a society need to stop and consider how these great technological advancements impact us, focusing on those who are vulnerable. This panel will discuss those impacts, considering the technological advancements at multiple levels, ranging from IoTs/ handheld devices to applications, AI, and human-to-human interactions, which has taken a different form. Considering panel members’ broad backgrounds and interests, the panel discussion will touch multiple perspectives and aspects, intertwining social science with cybersecurity and human factors.
- Sunny Consolvo, Google
- Katrina Petersen, Public Safety Communication Europe
- Gill Whitney, ANEC
17:45 - 19:00- Networking Drink
- 09:00 The Janus Problem – the Challenge of Dealing with Legacy Security Problems While Looking to the Future
Day 3 - Wednesday 16 October
Opening by Alex Leadbeater, ETSI TC Cyber Chair, GSMA
09:00 KEYNOTE SPEECH: The NIST PQC Standards
Dustin Moody, NIST09:30 Session D3-1: Quantum Safe Cryptography
Chaired by Colin Whorlow, NCSCThe session will explore latest developments in quantum algorithm selection, migration strategy, best practice, agility and other cryptography.
- 09:30 BSI Post-Quantum Update
Stephan Ehlen, BSI - 09:50 ANSSI Views on Post-Quantum Cryptography Transition
Samih Souissi, ANSSI - 10:10 Overview of ETSI ISG QKD
Martin Ward, ISG QKD Chair, Toshiba - 10:30 ETSI Cyber QSC Update
Matt Campagna, Cyber QSC Chair, AWS
10:50 Coffee and Networking - Posters and Demos Visits
11:20 SESSION D3-2: Quantum Safe Cryptography
Chaired by Matt Campagna, AWS- 11:20 Staying Ahead of the Quantum Threat – Starting with Hardware
Thalia Laing, HP Security Lab - 11:40 Early Experiences Implementing Quantum-Resistant Cryptography
Daniele Lacamera, WolfSSL - 12:00 Futureproofing Data Security through Cryptographic Agility
Glen Leonhard, CryptoMathic
12:20 - 13:00 SESSION D3-3 PANEL DISCUSSION Reasonable Cybersecurity: Emerging New Developments
Moderated by Curtis Duke, CISCyber system users fundamentally face risks that vary among different ICT sectors, constantly evolve, and require reasonable allocations of resources and actions. As cybersecurity incidents and related losses continue to increase, multiple private and public sector activities and actions have emerged as different understandings of what is “reasonable.” In legal terms "reasonable cybersecurity” is the duty of care that an organization owes its customers. However, what is “reasonable” remains largely undefined and no global compilation exists of its use for cybersecurity purposes.
This panel session is intended both to inform the Security Week audience and serve as a means for ongoing collaboration on the diverse manifestations of reasonable cybersecurity. It includes new related activities in the EU and CEPT countries, as well as different disciplines and perspectives. It builds on work undertaken over the past year among the Critical Security Controls community and being carried forward with a new TC CYBER work item.- Phyllis Lee, CIS
- Tony Rutkowski, CIS
- George Sharkov, SBS aisbl
13:00 Lunch & Networking - Posters and Demos Visits
14:30 SESSION D3-4: Impact of Regulation #2 – Trust and Privacy
Chaired by Scott Cadzow, C3LThe session will explore latest developments, regulatory landscape and best practice for trust establishment and privacy.
- 14:30 Verify Before Use - the Role of ETSI's ISG ETI
Scott Cadzow, C3L - 14:50 Navigating Trust and Data Privacy Contradictions in the Age of Autonomous Cars
Francesca Bassi, IRT Systemx
15:10 Coffee & Networking - Posters and Demos Visits
15:45 SESSION D3-5: 5G to 6G Evolution or Revolution?
Chaired by Alex Leadbeater, TC Cyber Chair, GSMAIn early 2024 3GPP, ETSI and GSMA started the multi-year process of developing standards for 6G. While 6G won’t reach the market until ~2030, 2024 to 2026 will be the key years in which 6G architecture is standardized. This session will explore 6G challenges and opportunities from a security perspective.
- 15:45 A Vision for Communications (6G)
Laurence Wayne, BT - 16:05 Bridging the Gap: XAI's Contribution to B5G and 6G Network Security
Madhusanka Liyanage, University College Dublin - 16:25 vCONFIDENTIAL6G: Confidential Computing and Privacy-Preserving Technologies for 6G
Vera Stavroulaki, WINGS ICT Solutions - 16:45 Digital Identity for Next Generation Telecommunication Networks
Jintao Zhu, Huawei - 17:05 Cyber Security Best Practices with Energy Efficiency
Nicolas Stricher, Check Point Software - 17:25 Threats and Risks of 5G Networks for Military Applications
Jordi Mongay Batalla, Warsaw University of Technology
17:45 - 19:00 Day 3 Networking Drink
- 09:30 BSI Post-Quantum Update
Day 4 - Thursday 17 October
Opening by Alex Leadbeater, ETSI TC Cyber Chair, GSMA
09:00 SESSION D4-1: Impacts of Regulation #3 - Consumer Devices
Chaired by Slawomir Gorniak, ENISAThe session will explore impacts of regulation on consumer products and devices. The session will explore successes, failures, best practices, and gaps. Focus areas to include IoT and automotive. (session in construction)
- Industry Certifications for Smartphone and IoT Devices using ETSI Specifications
Jorge Wallace Ruiz, Dekra - A Comprehensive Cybersecurity Certification Framework based on ETSI EN 303 645
David Nosibor, Red Alert Labs - Navigating the Complex Landscape of IoT Security Regulations
Zahra Khani, Keysight Technologies - Providing Best User Experience while Complying with Cybersecurity Regulations
Francois Fischer, Huawei Technologies R&D
10:30 Coffee & Networking - Posters and Demos Visits
11:00 SESSION D4-2: Transport, Public safety and Critical Communications
Chaired by Gerry McQuaid, OfcomThe session will explore security for Transport, Public Safety, Critical Industries and Critical Communications
- 11:00 FRMCS
Catherine Houbion, UICC - 11:20 Law Enforcement Support in Standards
Koen Jaspers, PIDS - 11:40 BroadEU.Net : Realising the European Critical Communication System (EUCCS)
David Lund, Public Safety Communication Europe (PSCE) Forum - 12:00 TETRA: Securing the Future
Brian Murgatroyd, Chair ETSI TC TCCE
12:20 Session D4 - 3 : PANEL DISCUSSION : ETSI Security Conference 2024 Reflection
Chaired by Alex Leadbeater with the Programme Committee membersThe Programme Committee Members will meet and discuss the following subjects :
- Key points from the diverse topics raised during the event and how these can be reflected into the standardization prioritization,
- How to maintain relevance of ETSI ICT and mobile eco system cybersecurity standards in an increasingly agile technology landscape
13:15 Close of the Conference - Grab a sandwich and Go !
- Industry Certifications for Smartphone and IoT Devices using ETSI Specifications
Posters
- DYNABIC: Dynamic Business Continuity and Response of Critical Systems against advanced cyber-physical threats
University Côte d'Azur - Nicolas Ferry - ROBUST-6G: Smart, Automated, and Reliable Security Service Platform for 6G
University College Dublin - Madhusanka Liyanage - Enhanced Cybersecurity Through Integrative Open Source Technology: OpenVAS, OpenKAT, and Aranei in Pharma and Healthcare
OpenNovations - Hans de Raad
OpenKAT - Brenno de Winter - Securing 6G Networks in the Quantum Era
Turkcell - Zehra Yigit - Application of Homomorphic Encryption in Private IP Search over Encrypted Database
Centre For Development Of Telematics - Ranjan Sameer - Bidisha Mandal - Integrating Network Digital Twinning into Future AI-based 6G Systems (6G-TWIN, SNS JU
Regis Decorme, R2M
Demos
- Telecom-Native PDL-based UCDID System for Providing Differential ICT Network Services
ISG PDL Participants - CyberPass | Elevate Your Cybersecurity Procurement with ETSI EN 303 645
Red Alert Labs, Ali Khalil - Adversarial AI in ICT
TNO - Piotr Zuraniewski
ETSI is pleased to share the publicly available presentations during this conference.
The ETSI Security Conference 2024 programme will be built by the following people:
- Samim Ahmadi, EY
- Charles Brookson, ZEATA Security
- Alex Cadzow, C3L
- Scott Cadzow, C3L
- Matt Campagna, Amazon Web Services
- Peter C, NCSC
- Mirko Cano Soveri, ETSI/3GPP
- Bjorn Fanta, Fabasoft
- Slawomir Gorniak, ENISA
- Alan Hayward, NCSC
- Holie Hennessy, OMDIA
- Alex Leadbeater,GSMA, Programme Committee Chair
- Tieyan Li, Huawei
- Gerry McQuaid, Ofcom
- Mats Naslund, NDRE
- Kim Nordstrom, ETSI
- Jean-Pierre Quémard, KAT
- Davide Pratone, Huawei
- Tony Rutkowski, CIS
- George Sharkov, European DIGITAL SME Alliance & SBS
- Nataliya Stanetsky, Google Ireland Limited
- Colin Whorlow, NCSC
- Alf Zugenmaier, NTT Docomo