CRP Henri Tudor organised at its headquarters the event: "Trusted Hub Luxembourg: Systemic Risk Management for Operational Excellence", on April 22, 2014. See the presentation of POST Luxembourg: "State of the art" Network infrastructures.

1. « State of the art » Network Infrastructures
Centre de Recherche public Henri Tudor
POST Luxembourg
Luxembourg, 22th April, 2014Luxembourg, 22th April, 2014
Jean-Marie Spaus

2. ICT and Telecom
Services
Postal Services Financial Services
POST Luxembourg: An overview
24/04/2014
Page 2POST Luxembourg - Confidentiel

3. • POST Luxembourg : the country's largest provider of telecommunications
and ICT services
• POST Luxembourg Group turnover in 2012 : 678,15 Mio €
(company and its subsidiaries)
POST Luxembourg Group: Key Figures
• POST Luxembourg Group is the country's 3rd largest employer, with
nearly 4,000 staff, who represent more than 27 different nationalities.
24/04/2014
Page 3POST Luxembourg - Confidentiel

4. • Telecommunications and ICT service range :
from fixed and mobile to internet and television
specially designed solutions for corporate customers
secure, superfast broadband connectivity solutions in Luxembourg
POST Luxembourg
ICT and Telecom Provider for national and international customers
secure, superfast broadband connectivity solutions in Luxembourg
and abroad, as well as Satellite up- and downlink services
superfast TERALINK broadband network connects major European cities
ambitious plan to deploy fiber and mobile broadband services
Cloud based services
24/04/2014
Page 4POST Luxembourg - Confidentiel

5. In the Telecom/ICT sector
the next revolution is waiting just around the corner!
The Telecommunication and ICT industry is characterized :
• by high rates of innovation in a rapidly changing technological landscape
Risks and Challenges in the Telecom and ICT Sector
• by high rates of innovation in a rapidly changing technological landscape
• associated with a vast array of sustainability risks and challenges from inside
and outside the company
24/04/2014
Page 5POST Luxembourg - Confidentiel
Definition:
“Operational risk is defined as the risk of loss resulting from
inadequate or failed internal processes, people and systems or from
external events”.

6. Cause Event Impact
Human error
Missing of control
Hard - software failures
Bad Customer
Experience
Risks and Challenges in the Telecom and ICT Sector
24/04/2014
Page 6POST Luxembourg - Confidentiel
Internal Risks
External Risks
Hard - software failures
Changes in operational
processes
Acts of sabotage or vandalism
Loss of Revenue
Loss of
Reputation
Fine from
authority
Risk of Litigation
Fraud and cybercrime
Acts of terrorism and sabotage
Acts of God

7. • Risk management committee at Board level
• Chief Risk Officer at group level
• Chief Information Security Officer for Telecommunications
• Risk assessment group consisting of senior managers from different entities
We care about risk !
• ISO27001 certification process started for POST Telecom and POST Telecom PSF
• Annual risk assessments as part of the requirements as PSF
(Professionnel du Secteur Financier)
24/04/2014
Page 7POST Luxembourg - Confidentiel

8. Integrating risk management practices into all
processes, systems and enterprise culture
Operational risk management
- a systemic and cognitive approach for
network design
24/04/2014
Page 8POST Luxembourg - Confidentiel
network design
operation and maintenance
evolution
protection against cybercrime
and for
secure customer service provision
customer data protection

9. Network design:
Advantages of “point-to-point” technology
• Multiple fibers available
• Quality of service guaranteed
• Open to any future new developments
• Technically Neutral
9
• “Open Access” to other alternative operators
• Residential and business customers can
choose freely their services and providers

10. Map of POST’s International IP Network
24/04/2014

11. Security
Operation
Center
(SOC)
24/04/2014

12. « State of the art » Network Infrastructures have to
be operated in a secure and risk aware mode
Security Operation Center services include:
• Security monitoring: A SOC has to be staffed 24
hours-a-day, seven days-a-week, providing security
monitoring for multiple technologies.
• Incident response: Incident handlers respond to
suspected security incidents, providing containment of
24/04/2014
Page 12POST Luxembourg - Confidentiel
suspected security incidents, providing containment of
incidents, detailed root-cause analysis and restoration
of services.
• Digital forensics: collection and evaluation of log
files and traffic pattern.
• Technical security solutions: A specialized
technical team deploys and maintains the required
software solutions and systems used within the SOC.

13. Conclusions : POST cares about risk
• Risk management committee
• Chief Risk Officer
• Chief Information Security Officer
Risks and Challenges in the Telecom Sector
• Risk assessment group consisting of senior managers from different entities
• ISO27001 certification process started for POST Telecom
• Implementation of a POST Cyber Security Operation Center
• Collaboration with national public authorities
24/04/2014
Page 13POST Luxembourg - Confidentiel

14. Thank you
24/04/2014Page 14POST Luxembourg - Confidentiel - Titre de la présentation