Upload
crp-henri-tudor
View
202
Download
4
Embed Size (px)
DESCRIPTION
CRP Henri Tudor organised at its headquarters the event: "Trusted Hub Luxembourg: Systemic Risk Management for Operational Excellence", on April 22, 2014. See the presentation of POST Luxembourg: "State of the art" Network infrastructures.
Citation preview
« State of the art » Network Infrastructures
Centre de Recherche public Henri Tudor
POST Luxembourg
Luxembourg, 22th April, 2014Luxembourg, 22th April, 2014
Jean-Marie Spaus
ICT and Telecom Services
Postal Services Financial Services
POST Luxembourg: An overview
24/04/2014
Page 2POST Luxembourg - Confidentiel
• POST Luxembourg : the country's largest provider of telecommunicationsand ICT services
• POST Luxembourg Group turnover in 2012 : 678,15 Mio €
(company and its subsidiaries)
POST Luxembourg Group: Key Figures
• POST Luxembourg Group is the country's 3rd largest employer, with nearly 4,000 staff, who represent more than 27 different nationalities.
24/04/2014
Page 3POST Luxembourg - Confidentiel
• Telecommunications and ICT service range :
� from fixed and mobile to internet and television
� specially designed solutions for corporate customers
� secure, superfast broadband connectivity solutions in Luxembourg
POST Luxembourg ICT and Telecom Provider for national and international customers
� secure, superfast broadband connectivity solutions in Luxembourgand abroad, as well as Satellite up- and downlink services
� superfast TERALINK broadband network connects major European cities
� ambitious plan to deploy fiber and mobile broadband services
� Cloud based services
24/04/2014
Page 4POST Luxembourg - Confidentiel
In the Telecom/ICT sector
the next revolution is waiting just around the corner!
The Telecommunication and ICT industry is characterized :
• by high rates of innovation in a rapidly changing technological landscape
Risks and Challenges in the Telecom and ICT Sector
• by high rates of innovation in a rapidly changing technological landscape
• associated with a vast array of sustainability risks and challenges from inside and outside the company
24/04/2014
Page 5POST Luxembourg - Confidentiel
Definition:
“Operational risk is defined as the risk of loss resulting frominadequate or failed internal processes, people and systems or fromexternal events”.
Cause Event Impact
Human error Missing of controlHard - software failures
Bad Customer Experience
Risks and Challenges in the Telecom and ICT Sector
24/04/2014
Page 6POST Luxembourg - Confidentiel
Internal Risks
External Risks
Hard - software failuresChanges in operational processesActs of sabotage or vandalism
Loss of Revenue
Loss of Reputation
Fine from authority
Risk of LitigationFraud and cybercrimeActs of terrorism and sabotageActs of God
• Risk management committee at Board level
• Chief Risk Officer at group level
• Chief Information Security Officer for Telecommunications
• Risk assessment group consisting of senior managers from different entities
We care about risk !
• ISO27001 certification process started for POST Telecom and POST Telecom PSF
• Annual risk assessments as part of the requirements as PSF(Professionnel du Secteur Financier)
24/04/2014
Page 7POST Luxembourg - Confidentiel
Integrating risk management practices into all processes, systems and enterprise culture
Operational risk management
- a systemic and cognitive approach for
network design
24/04/2014
Page 8POST Luxembourg - Confidentiel
network designoperation and maintenanceevolutionprotection against cybercrime
and forsecure customer service provisioncustomer data protection
Network design:Advantages of “point-to-point” technology
• Multiple fibers available
• Quality of service guaranteed
• Open to any future new developments
• Technically Neutral
9
• “Open Access” to other alternative operators
• Residential and business customers canchoose freely their services and providers
Map of POST’s International IP Network
24/04/2014
SecurityOperation
Center(SOC)
24/04/2014
« State of the art » Network Infrastructures have to be operated in a secure and risk aware mode
Security Operation Center services include:
• Security monitoring: A SOC has to be staffed 24 hours-a-day, seven days-a-week, providing security monitoring for multiple technologies.
• Incident response: Incident handlers respond to suspected security incidents, providing containment of
24/04/2014
Page 12POST Luxembourg - Confidentiel
suspected security incidents, providing containment of incidents, detailed root-cause analysis and restoration of services.
• Digital forensics: collection and evaluation of log files and traffic pattern.
• Technical security solutions: A specialized technical team deploys and maintains the required software solutions and systems used within the SOC.
Conclusions : POST cares about risk
• Risk management committee
• Chief Risk Officer
• Chief Information Security Officer
Risks and Challenges in the Telecom Sector
• Risk assessment group consisting of senior managers from different entities
• ISO27001 certification process started for POST Telecom
• Implementation of a POST Cyber Security Operation Center
• Collaboration with national public authorities
24/04/2014
Page 13POST Luxembourg - Confidentiel
Thank you
24/04/2014Page 14POST Luxembourg - Confidentiel - Titre de la présentation