Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security and business continuity in ICT : a case study by Orange

Published byVirginia Araya Iglesias Modified over 5 years ago

Similar presentations

Presentation on theme: "Security and business continuity in ICT : a case study by Orange"— Presentation transcript:

1 Security and business continuity in ICT : a case study by Orange
ITU Workshop on “ICT Security Standardization for Developing Countries” (Geneva, Switzerland, September 2014) Security and business continuity in ICT : a case study by Orange Francois Zamora, Global security management system Corporate Security Department, Orange Group Geneva, Switzerland, September 2014

2 Purpose of this presentation
To exchange on how normative references are used for security and business continuity To detect opportunities in the context of developing countries Orange Trends observed Selected approach and methodology in Orange security function Geneva, Switzerland, September 2014

3 Orange’s footprint Geneva, Switzerland, September 2014

4 Some trends observed Regulatory Standardization ICT
European Critical Infrastructures, started with energy, transports and interlinks ICT. France reformulates Europe’s vision Influences on developing countries Standardization Information security BCM Privacy Cloud security (provider and consumer) Management systems for records SCADA security ICT mutates concentrates outsources is exposed enables new fields Geneva, Switzerland, September 2014

5 A vision shared in France
courtesy : HCFDC, Feb 2013 (Laurent Ducamin, SGDSN) Geneva, Switzerland, September 2014

6 Case study All these sectors are interlinked with strong interdependencies leading to complex representations and challenging requirements Orange selected an approach and methodologies to clarify and address ICT security and resilience in a context of strong technological mutations Geneva, Switzerland, September 2014

7 Approach Clarify requirements and maintain watch
Manage risks and comply Continuously improve Certify for business, re-use for compliance Orange Global security standard Global security management system Use and map external references Geneva, Switzerland, September 2014

8 Methodology Identifying critical scopes of services, activities and processes : Risk identification and management with ISO/IEC 27005 Continuous improvements with ISO/IEC 27001, and 22301 Use and map other normative references Maintain watch to assess effects : from and on Cloud-computing-based infras from the virtualization trends of network equipments from and upon key providers from the conquest of new fields of services Geneva, Switzerland, September 2014

9 Conclusions and Recommendations
Thanks to a risk approach : effort is focused on critical functions and only relevant references are selected Maintaining watch enables : adequacy to local requirements and proportionality of effort with real-life threats Geneva, Switzerland, September 2014

10 Thank you backup slides follow
Geneva, Switzerland, September 2014

11 disctinctive features and strength
Geneva, Switzerland, September 2014

12 Orange’s weight Geneva, Switzerland, September 2014

13 Orange’s networks overview for the enterprise market
Geneva, Switzerland, September 2014

Download ppt "Security and business continuity in ICT : a case study by Orange"

Similar presentations

STATE OF TRANSPORT CLIMATE CHANGE ADAPTATION ACTIONS IN EEA COUNTRIES, RECENT EXPERIENCES Natalia Sobrino (TRANSyT- UPM) ETC/CCA Task 2.1.2.4 Adaptation.

STATE OF TRANSPORT CLIMATE CHANGE ADAPTATION ACTIONS IN EEA COUNTRIES, RECENT EXPERIENCES Natalia Sobrino (TRANSyT- UPM) ETC/CCA Task Adaptation.
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
Tenace FRAMEWORK and NIST Cybersecurity Framework Block IDENTIFY.

Tenace FRAMEWORK and NIST Cybersecurity Framework Block IDENTIFY.
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Recent Standardization Activities on Cloud Computing Kishik Park, Kangchan Lee, Seungyun Lee TTA.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All Recent Standardization Activities on Cloud Computing Kishik Park, Kangchan Lee, Seungyun Lee TTA.
Audit Committee and Corporate Governance. The European Confederation of Institutes of Internal Auditing (ECIIA) Founded in 1982 Confederation of 32 countries.

Audit Committee and Corporate Governance. The European Confederation of Institutes of Internal Auditing (ECIIA) Founded in 1982 Confederation of 32 countries.
“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”

“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”
Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All The Internet of Things (IoT) aka Machine 2 Machine (M2M) Bilel Jamoussi Chief, Study Groups Department.

Halifax, 31 Oct – 3 Nov 2011ICT Accessibility For All The Internet of Things (IoT) aka Machine 2 Machine (M2M) Bilel Jamoussi Chief, Study Groups Department.
Privacy and Security Implications of Cloud Computing 17 November 2009 - IGF Laurent Bernat - OECD.

Privacy and Security Implications of Cloud Computing 17 November IGF Laurent Bernat - OECD.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
How are service providers helping their customers to deliver IT as a Service? Peter Glock – Orange Business Services 18 May 2011, presentation to Europe.

How are service providers helping their customers to deliver IT as a Service? Peter Glock – Orange Business Services 18 May 2011, presentation to Europe.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Geneva, Switzerland, 14 November 2014 Data Protection for Public Cloud (International Standard ISO 27018) Stéphane Guilloteau Engineer Expert, Orange Labs.

Geneva, Switzerland, 14 November 2014 Data Protection for Public Cloud (International Standard ISO 27018) Stéphane Guilloteau Engineer Expert, Orange Labs.
Geneva, Switzerland, 15-16 September 2014 Critical telecommunication infrastructure protection in Brazil Antonio Guimaraes / Paulo Moura National Telecommunication.

Geneva, Switzerland, September 2014 Critical telecommunication infrastructure protection in Brazil Antonio Guimaraes / Paulo Moura National Telecommunication.
Geneva, Switzerland, 17-18 November 2014 United Arab Emirates Experience Ahmad Alshamsi Manager Type Approval, UAE TRA Combating.

Geneva, Switzerland, November 2014 United Arab Emirates Experience Ahmad Alshamsi Manager Type Approval, UAE TRA Combating.
Geneva, Switzerland, 15-16 September 2014 Cloud security standardization activities in ITU-T Huirong Tian, China ITU Workshop on “ICT.

Geneva, Switzerland, September 2014 Cloud security standardization activities in ITU-T Huirong Tian, China ITU Workshop on “ICT.
Geneva, Switzerland, 15-16 September 2014 ENISA role in ICT standardization Sławomir Górniak, ENISA ITU Workshop on “ICT.

Geneva, Switzerland, September 2014 ENISA role in ICT standardization Sławomir Górniak, ENISA ITU Workshop on “ICT.
© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Project Presentation.

Project Presentation.
CSIAC is a DoD Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC) Presentation to: Insider Threat SOAR Workshop.

CSIAC is a DoD Information Analysis Center (IAC) sponsored by the Defense Technical Information Center (DTIC) Presentation to: Insider Threat SOAR Workshop.
Rome Energy Meeting 2008 Rome, 13-14 November 2008 Investments Opportunities and Project Finance in the Energy Market Luigi Marsullo President Finpublic.

Rome Energy Meeting 2008 Rome, November 2008 Investments Opportunities and Project Finance in the Energy Market Luigi Marsullo President Finpublic.

Similar presentations

Ads by Google