« State of the art » Network Infrastructures

Centre de Recherche public Henri Tudor

POST Luxembourg

Luxembourg, 22th April, 2014Luxembourg, 22th April, 2014

Jean-Marie Spaus

ICT and Telecom Services

Postal Services Financial Services

POST Luxembourg: An overview

24/04/2014

Page 2POST Luxembourg - Confidentiel

• POST Luxembourg : the country's largest provider of telecommunicationsand ICT services

• POST Luxembourg Group turnover in 2012 : 678,15 Mio €

(company and its subsidiaries)

POST Luxembourg Group: Key Figures

• POST Luxembourg Group is the country's 3rd largest employer, with nearly 4,000 staff, who represent more than 27 different nationalities.

24/04/2014

Page 3POST Luxembourg - Confidentiel

• Telecommunications and ICT service range :

� from fixed and mobile to internet and television

� specially designed solutions for corporate customers

� secure, superfast broadband connectivity solutions in Luxembourg

POST Luxembourg ICT and Telecom Provider for national and international customers

� secure, superfast broadband connectivity solutions in Luxembourgand abroad, as well as Satellite up- and downlink services

� superfast TERALINK broadband network connects major European cities

� ambitious plan to deploy fiber and mobile broadband services

� Cloud based services

24/04/2014

Page 4POST Luxembourg - Confidentiel

In the Telecom/ICT sector

the next revolution is waiting just around the corner!

The Telecommunication and ICT industry is characterized :

• by high rates of innovation in a rapidly changing technological landscape

Risks and Challenges in the Telecom and ICT Sector

• by high rates of innovation in a rapidly changing technological landscape

• associated with a vast array of sustainability risks and challenges from inside and outside the company

24/04/2014

Page 5POST Luxembourg - Confidentiel

Definition:

“Operational risk is defined as the risk of loss resulting frominadequate or failed internal processes, people and systems or fromexternal events”.

Cause Event Impact

Human error Missing of controlHard - software failures

Bad Customer Experience

Risks and Challenges in the Telecom and ICT Sector

24/04/2014

Page 6POST Luxembourg - Confidentiel

Internal Risks

External Risks

Hard - software failuresChanges in operational processesActs of sabotage or vandalism

Loss of Revenue

Loss of Reputation

Fine from authority

Risk of LitigationFraud and cybercrimeActs of terrorism and sabotageActs of God

• Risk management committee at Board level

• Chief Risk Officer at group level

• Chief Information Security Officer for Telecommunications

• Risk assessment group consisting of senior managers from different entities

We care about risk !

• ISO27001 certification process started for POST Telecom and POST Telecom PSF

• Annual risk assessments as part of the requirements as PSF(Professionnel du Secteur Financier)

24/04/2014

Page 7POST Luxembourg - Confidentiel

Integrating risk management practices into all processes, systems and enterprise culture

Operational risk management

- a systemic and cognitive approach for

network design

24/04/2014

Page 8POST Luxembourg - Confidentiel

network designoperation and maintenanceevolutionprotection against cybercrime

and forsecure customer service provisioncustomer data protection

Network design:Advantages of “point-to-point” technology

• Multiple fibers available

• Quality of service guaranteed

• Open to any future new developments

• Technically Neutral

9

• “Open Access” to other alternative operators

• Residential and business customers canchoose freely their services and providers

Map of POST’s International IP Network

24/04/2014

SecurityOperation

Center(SOC)

24/04/2014

« State of the art » Network Infrastructures have to be operated in a secure and risk aware mode

Security Operation Center services include:

• Security monitoring: A SOC has to be staffed 24 hours-a-day, seven days-a-week, providing security monitoring for multiple technologies.

• Incident response: Incident handlers respond to suspected security incidents, providing containment of

24/04/2014

Page 12POST Luxembourg - Confidentiel

suspected security incidents, providing containment of incidents, detailed root-cause analysis and restoration of services.

• Digital forensics: collection and evaluation of log files and traffic pattern.

• Technical security solutions: A specialized technical team deploys and maintains the required software solutions and systems used within the SOC.

Conclusions : POST cares about risk

• Risk management committee

• Chief Risk Officer

• Chief Information Security Officer

Risks and Challenges in the Telecom Sector

• Risk assessment group consisting of senior managers from different entities

• ISO27001 certification process started for POST Telecom

• Implementation of a POST Cyber Security Operation Center

• Collaboration with national public authorities

24/04/2014

Page 13POST Luxembourg - Confidentiel

Thank you

24/04/2014Page 14POST Luxembourg - Confidentiel - Titre de la présentation