Agenda Day One | 22 June 2022 | 2PM (CET)

Telecom Threat Intelligence Summit 2022

Following the first ever Telecom Threat Intelligence Summit in October last year, HardenStance is delighted to welcome you to TTIS 2022 on June 22nd and 23rd.

HubSpot Video

Agenda Summary Day 1 - June 22nd

EST CET Company Speaker Talk
08.00 14.00 HardenStance Patrick Donegan  Welcome & introduction.
08.10 14.10 GSMA David Rogers

Advancing threat intelligence sharing across the mobile ecosystem.

08.30 14.30 Lumen Kathryn Condello

From Information Sharing to Joint Collaboration:  Creating new norms for ecosystem protection.

08.55 14.55 AdaptiveMobile Security, an Enea company Cathal Mc Daid Mobile Networks, Nation States & Threat Intelligence.
08.20 15.20 Orange Polska Przemek Deba

Threat Intelligence Learnings from Orange Polska.

09.45 15.45 NetScout Roland Dobbins

Sharing The Latest DDoS Attack Intelligence.

10.10 16.10 20 minutes interval
10.30 16.30 Avast Jaya Baloo

Threat Intelligence Usage in Telecom and other Industries.

10.50 16.50 Cyber Threat Alliance Michael Daniel

Changing talk to action: overcoming the barriers to information sharing.

11.10 17.10 Fortinet Derek Manky

Advanced Persistent Cybercrime: The Convergence of APT.

11.35 17.35 HardenStance Patrick Donegan Closing remarks and wrap up.
12.00 18.00 Close conference

Agenda Day 1 - 22 June 2022

05.00 AM PST  |  08.00 AM EST  |  14.00 PM CET


Patrick Donegan

Welcome & introduction

TTIS 2022 serves as a forum for advancing best practise as regards threat intelligence sharing between telcos in different countries as well as within their domestic markets; between telcos and other leading actors in the ICT ecosystem; between telcos and their customers; and between different groups and departments within the telco organisation.

05.10 AM PST  |  08.10 AM EST  |  14.10 PM CET

GSMA logo

David Rogers, MBE, Chair, GSMA’s Fraud and Security Group (FASG)

Advancing threat intelligence sharing across the mobile ecosystem

David will provide an update on the GSMA’s work in advancing threat intelligence sharing and other collaboration across the mobile ecosystem to combat mobile fraud and security challenges, including work on ensuring machine-readable telecoms intelligence is standardised and actionable.

05.30 AM PST  |  08.30 AM EST  |  14.30 PM CET

Lumen Logo Blue_Black RGB (1)

Kathryn Condello, Senior Director

From Information Sharing to Joint Collaboration:  Creating new norms for ecosystem protection

"Information Sharing" has been a buzz-phrase in cybersecurity for quite a time. Just what does "information sharing" mean to an ISP?  How does it happen, how is it evolving and how will this change the way we protect the global internet?  Ms. Condello will outline current and evolving efforts to protect the global internet ecosystem as Industry moves to next generation network capabilities.

05.55 AM PST  |  08:55 AM EST  |  14.55 PM CET

Enea - AdaptiveMobile Security Logo

Cathal McDaid, CTO

Mobile Networks, Nation States & Threat Intelligence

In recent months we have witnessed the widespread need and use of mobile networks on the Ukrainian battlefield. It is now recognised that Mobile Networks are truly critical national infrastructure. At the same time many threats over mobile network interfaces, especially signalling network are via state or state-supported actors in telecom networks. As a result, the need to co-ordinate and share telecom threat intelligence has never been higher, in order to protect this critical network infrastructure. We speak about what the industry has learnt over the past few months, and what is the future in this area.

06.20 AM PST  |  09.20 AM EST  |  15.20 PM CET


Przemyslaw Deba, CISO

Threat Intelligence Learnings from Orange Polska

Poland’s telcos are experienced in dealing with cyber threats including Advanced Persistent Threat (APTs). CISO, Przemyslaw Deba, will share Orange Polska’s experience and thoughts on what telcos do well in terms of using and sharing cyber threat intelligence – as well as what they could do better.

06.45 AM PST  |  09.45 AM EST  |  15.45 PM CET


Roland Dobbins, Principal Engineer

Sharing The Latest DDoS Attack Intelligence

DDoS attacks continue to pose a major threat to Service Providers and their customers. Staying abreast of and sharing information related to DDoS attacks trends and best practices in defense is vital for effective mitigation. In this session NETSCOUT will discuss DDoS attack trends and key findings from their latest Threat Intelligence Report.

07.10 AM PST  |  10.10 AM EST  |  16.10 PM CET

20 minute interval - Day 1

07.30 AM PST  |  10.30 AM EST  |  16.30 PM CET


Jaya Baloo, CISO

Threat Intelligence Usage in Telecom and other Industries

Having worked in infosec and CISO roles in a number of telcos, Avast CISO Jaya Baloo will reflect on how well telcos generate, curate, apply and share threat intelligence compared with other sectors of industry and will suggest steps for improvement.

07.50 AM PST  |  10.50 AM EST  |  16.50 PM CET


Michael Daniel, CEO

Changing talk to action: overcoming the barriers to information sharing

Although everyone agrees in principle that sharing threat intelligence would be beneficial, making sharing work in practice usually proves quite challenging. Drawing on CTA’s experience over the last five years, Michael Daniel will discuss the barriers to effective intelligence sharing and offer some strategies for overcoming them. 

08.10 AM PST  |  11.10 AM EST  |  17.10 PM CET


Derek Manky, Chief Security Strategist & VP Global Threat Intelligence

Advanced Persistent Cybercrime: The Convergence of APT

As we continue to talk about the convergence of networking and security, there is a parallel convergence occurring with the threat landscape. APT groups, typically associated with nation states, have also been busy converging their infrastructure and playbooks with cybercriminal groups – and vice versa. This means that cyber crime, which accounts for a majority of attack activity we observe, is shifting left. The focus is on observing and blueprinting intended target in premeditated fashion with more aggressive attack methodologies. This talk will examine how attackers are building their playbooks in 2022, including destructive attacks such as wiper and ‘bricker’ malware that even impacts satellite communications.

08.35 AM PST  |  11.35 AM EST  |  17.35 PM CET


Patrick Donegan, Founder and Principal Analyst

Closing remarks and wrap up

09.00 AM PST  |  12.00 PM EST  |  18.00 PM CET

Close Conference - Day 1