Securing the Seas and the Skies

Back to News

The 3rd ENISA Telecom & Digital Infrastructure Security Forum organised today addressed emerging technologies and the evolving threat landscape including challenges from sub-sea cables to satellites.

Organised yearly, the European Union Agency for Cybersecurity (ENISA) Telecom & Digital Infrastructure Security Forum offers an information sharing and discussion platform for electronic communications providers, digital infrastructure entities and the national telecom security authorities.

This year the event took place in Lisbon, Portugal with insightful presentations and discussions that highlighted the most pressing cybersecurity concerns in this field including:

  • the resilience of the global internet,
  • sub-sea cables security,
  • telecom’s supply chain risks,
  • ransomware attacks
  • 5G security and
  • low earth orbit (LEO) satellite communication networks.

ENISA is also hosting several side-events with several work streams of the NIS Cooperation group, including the new workstream for the NIS2 provisions on the "WHOIS" database, the workstream for digital infrastructure, and the 5G workstream. ENISA this week also released a new report on the identification of domain name owners, and ENISA is launching the 5G Security Controls Matrix, a single repository of controls for 5G networks.

Executive Director of the European Union Agency for Cybersecurity (ENISA), Juhan Lepassaar, said: “The 5G rollout showed the importance of alignment and collaboration among EU Member States on telecom security. If we want to have better cybersecurity in Europe, we have to make sure there is a secure and resilient digital infrastructure, covering not only the mobile networks, but also the fixed networks, the fibre connections, the submarine cables, satellite communications, and so on. ENISA is committed to work together with all stakeholders and provide its expertise to ensure the resilience of the EU’s digital infrastructure.”

 ENISA releases its 5G Security Controls Matrix

ENISA developed a comprehensive and dynamic matrix of security controls and best practices for the security of 5G networks. The purpose of the 5G Matrix is to provide one repository of detailed technical controls, mapped to the objectives and measures of ENISA Guideline on Security Measures under the European Electronic Communications Code (EECC). The repository is used as a tool by national authorities in their supervision of measures taken by operators to secure their 5G networks.

Download the 5G Matrix

ENISA publishes a new report on identification of domain owners – key takeways

Domain names and the Domain Name System (DNS) are at the heart of the modern internet. If the domain names are not registered correctly, for example because the identity of the domain name registrant is not verified, then the data in the domain registry is not reliable, and this could provide opportunities for cyberattacks. The new report of ENISA on DNS identity explores the importance of the verification and authentication of domain name owners to ensure security and resilience during the domain name registration process. 

This report gives an overview of the methods currently used by domain registrars to verify the identity of domain name owners. It also gives an overview of relevant existing literature on relevant good practices, for example on identity verification, two-factor authentication (2FA), the use of national eIDs schemes, and third-party verification.

This analysis was done to support the national authorities overseeing the top-level domain registries in the EU Member States, and can be seen as a preparatory study for the NIS2 work on the "WHOIS" database.

Download the DNS report

Meeting of the ECASEC group, the EU’s national authorities for telecom security

ENISA hosted the 40th ECASEC EG meeting on 23 May in Lisbon. In this meeting the European Competent Authorities for Secure Electronic Communications (ECASEC) focused on the security and oversight of Number-Independent Interpersonal Communication Services (NI-ICS) providers, as well as the transition to the NIS2, the update of the Directive on Security of Network and Information Systems which will replace the security requirements for the EU’s telecom sector.

Established in 2010, the ENISA ECASEC expert group consists of about 100 experts from national telecom security authorities from all EU countries, the EFTA countries, and EU candidate countries. The group exchanges information and good practices on telecom security. It produces policy guidelines for European authorities on the implementation of EU telecom security rules and publishes an annual summary report about major telecom security incidents. Check out the ENISA ECASEC EG portal, and https://www.enisa.europa.eu/topics/incident-reporting/for-telcos, where you can find the most recent publications and information about the group.

Further Information

DNS Identity – Verification and authentication of Domain Name Owners

Security and privacy for public DNS resolvers – ENISA report 2022

Telecom Security Incidents – ENISA report 2021

Embedded SIM (eSIM) Ecosystem: Security Risks and Measures -ENISA report 2022

Directive on measures for a high common level of cybersecurity across the Union (NIS2)

Contact

For press questions and interviews, please contact press (at) enisa.europa.eu