EU Telecom Security Authorities discuss the challenges of Over-the-top Communications Services Supervision

Back to News

The European Union Agency for Cybersecurity hosted the 34th meeting of the European Competent Authorities for Secure Electronic Communications (ECASEC).

The 34th meeting of the ECASEC expert group mainly focused on the challenges and open issues of the supervision of the Number-Independent Interpersonal Communication Services (NI-ICS) under the European Electronic Communications Code (EECC).

NI-ICS, also referred to as over-the-top communication services (OTTs), are a new set of services in scope of the EU telecom legislation. Over-the-top communications services enable direct interpersonal and interactive exchange of information via electronic communications, without connecting to the public telephone network.

Highlights of the 34th meeting

The meeting engaged in a discussion on the supervision of the NI-ICS, with the intention to explore how the related provisions of the new EECC could be addressed.

The supervision of the NI-ICS as provided for by the EECC is challenging as NI-ICS providers do not operate in a single country but usually offer services across all 27 Member States. The group highlighted the challenges this presents in supervising the NI-ICS. Specifically, the National Regulatory Authorities (NRAs) discussed the harmonised incident reporting obligations in relation to the NI-ICS. They also exchanged their views on the need for cross-border NI-ICS supervision. In addition, the group followed a presentation on BEREC’s report on harmonised metrics of regulatory relevance for NI-ICS.

The Regulatory Authority of Cyprus presented the new tool they developed in order to support the supervision of cybersecurity in critical sectors.  Also, the Danish Authority introduced their consolidated incident-reporting platform and the Netherlands presented their auditing mechanisms.

In addition, the group discussed the recent developments in relation to the request ENISA received from the European Commission to prepare a new candidate certification scheme for 5G.

Further topics addressed included the following projects of ENISA for 2021 on:

  • 5G Security Controls Matrix;
  • Webinars on mobile network security;
  • ENISA reports to be published by the end of the year on Network Function Virtualisation (NVF) techniques, SIM swapping and Consumer Outreach Strategies.

ENISA informed the Group about its situational awareness activities, such as the Open Cyber Situational Awareness Machine (openCSAM).

Next steps

The Group is expected to meet again in October in a hybrid format. The meeting foreseen will include the organisation of a separate open session, where providers will also be invited.

About the meeting

More than 50 experts from national authorities supervising the European telecom sector in the EU, EFTA, EEA, and EU candidate countries attended the meeting held on 16th and 17th June.

Background on ECASEC Expert Group, formerly known as the ENISA Article 13a group

Established in 2010, the ENISA ECASEC expert group, formerly known as the ENISA Article 13a group, consists of about 100 experts from national telecom security authorities from EU Member States, EFTA countries, and EU candidate countries.

The group is a forum for exchanging information and good practices on telecom security. It produces policy guidelines for European authorities on the implementation of EU telecom security legislation, and publishes an annual summary report about major telecom security incidents.

This group meets 3 times a year in order to discuss and agree on a common approach to telecom security supervision in the EU.

Further Information

For more information about the ENISA ECASEC expert group see ENISA ECASEC EG portal

If you want to join the ENISA telecom security mailing list, to be kept up to date about this group and our telecom security work, and to receive invitations for events and projects, please contact us via resilience (at) enisa.europa.eu

ENISA Incident Reporting webpage

European Electronic Communications Code

Contact

For press questions and interviews, please contact