Upload
others
View
6
Download
0
Embed Size (px)
Citation preview
Florian Pennings, EU Government Affairs Manager
Lorelien Hoet, EU Government Affairs Director
Microsoft : global cloud player &
cybersecurity stakeholder in a
European telecom environment
EU Telecom Security meeting
Article 13a expert group
12 February 2020
50 Regions 140 Countries
MICROSOFT INFRASTRUCTURE INVESTMENTS
Microsoft Intelligent Security Graph
400Bemails
analyzed
1.2Bdevices
scanned each month
200+global cloud
customer and commercial services
930Mthreats detected on devices every month
Shared threat data from partners,
researchers, and law enforcement worldwide
Botnet data from Microsoft Digital
Crimes Unit
18B+Bing web pages
scanned 450Bmonthly
authentications
Enterprise security
for 90% of
Fortune 500
750M+Azure user accounts
Azure
Outlook
Xbox Live
Bing
OneDrive
Windows
Microsoftaccounts
Microsoft platform
6.5 TRILLION signals per day
Our reality is changing
GEOPOLITICAL CHANGE
EVOLUTION OF TECHNOLOGY
PERSISTENCE OF THREAT
Nation States, Activists, Terror
Groups
BRAZEN, COMPLEX,
PERSISTENT
Motives:IP Theft,Damage,
Disruption
Persistence of threatEvolution of attacks
2005-2012
Organized Crime
RANSOMWARE, CLICK-FRAUD,
IDENTITY THEFT
Motive: Profit
Script Kiddies
BLASTER, SLAMMER
Motive: Mischief
2012 - TODAY2003-2004
Threat group information sharing:
• Thallium: which is believed to operate from North Korea• Phosphorus: which we believe originates from Iran• Strontium (Fancy Bear/APT28): associated with Russia
Microsoft as policy stakeholder
NIS Directive
Cybersecurity Act
Cybersecurity Competences Centre & Network
Public private cooperation
Harmonization of international standards
Cybersecurity Skills
Remain inclusive. Cybersecurity is global.
From article 13a Framework Directive to article 40 EECC ….
8
• Definition of “electronic communication services” (ECS) broadened to include i.a.number-independent interpersonal communication services (NIICS)
• Differences between ECS and NIICS: • By nature• In geographical scope
New paradigm / requires new thinking :
• Difficult / unfeasible to apply current article 13a measures to NIICS
• More harmonization necessary
• More cross-border co-operation
From article 40 EECC to 5G security…?
9
“5G is key to Europe’s digital transformation”
• Risk of blurring the lines between “strategic measures” and “technical measures” (concepts 5G security toolbox)
• Harmonization is absolutely required to avoid fragmented EU market
• B2B IOT market is no longer national
• Suppliers must be able to provide pan-European services to allow for digital transformation
• Avoid material overlaps between article 40, NIS, cybersecurity certification, ….
“5G security is key”