Cryptographic Inventory and Risk Assessment for Telecoms Operators

Practical workshop for telecoms security and network teams to discover cryptographic assets across multi-vendor infrastructure, assess quantum vulnerability, and build a prioritised migration roadmap.

Full day (6 hours) or half day
In person or online
Max 30 delegates

Proud to recommend our expert members

Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside

Workshop Description

Practical workshop for security operations and network security teams at mobile network operators and fixed-line carriers. Covers cryptographic asset discovery methodology for complex, multi-vendor network environments, construction of a Cryptographic Bill of Materials (CBOM) across RAN, core, transport, and OSS/BSS layers, quantum vulnerability classification using the ETSI GR QSC 006 and NCSC frameworks, and migration priority matrix development aligned with 3GPP Release 19/20 timelines, NIS2 Directive requirements, and national telecoms security legislation.

Mobile networks are among the most cryptographically complex environments in any sector. A single operator may run Ericsson RAN with Nokia core network, Cisco transport, and multiple OSS/BSS vendors, each implementing cryptography independently. SIM/USIM key agreement uses ECDH. 5G-AKA authentication depends on elliptic curve operations. GTP tunnels, SBA interfaces, and management plane communications each have separate cryptographic dependencies. Many of these are invisible to network operations teams because they are embedded in vendor firmware. Building a complete cryptographic inventory is the prerequisite for any PQC migration programme, and it is substantially harder in telecoms than in enterprise IT because of this vendor fragmentation. This workshop provides the systematic methodology and produces a working CBOM that participants take away and extend to their own networks.

What participants cover

  • Cryptographic discovery across RAN, core, transport, and OSS/BSS: systematic methodology for identifying algorithm implementations in multi-vendor telecoms infrastructure
  • CBOM construction: building a Cryptographic Bill of Materials that maps every algorithm to its network function, vendor, protocol, and data flow
  • Quantum vulnerability classification: categorising algorithms as broken (RSA, ECDH, ECDSA), weakened (AES-128, SHA-256), or safe (AES-256) under quantum attack
  • Harvest-now-decrypt-later risk assessment: identifying which telecoms data flows carry information with secrecy lifetimes exceeding the quantum threat horizon
  • Migration priority matrix: combining vulnerability, sensitivity, exposure, and remediation complexity into a scored, actionable migration sequence
  • Regulatory alignment: mapping migration phases to NIS2, national telecoms security requirements (UK TSA, German TKG, French ARCEP), 3GPP, and GSMA PQC guidance
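
The classification, harvest-now-decrypt-later check and priority scoring listed above, sketched as an added example (not workshop material or QSECDEF code). The score formula, the 10-year horizon, the 1-3 rating scales and the sample CBOM rows are assumptions constructed for illustration; only the broken/weakened/safe taxonomy comes from this page.

```python
from dataclasses import dataclass

# Taxonomy as listed on this page (broken / weakened / safe).
QUANTUM_CLASS = {"RSA": "broken", "ECDH": "broken", "ECDSA": "broken",
                 "AES-128": "weakened", "SHA-256": "weakened", "AES-256": "safe"}
# Assumed scoring scale and horizon; not taken from ETSI, NCSC or the workshop.
VULN_SCORE = {"broken": 3, "weakened": 1, "safe": 0, "unknown": 3}
THREAT_HORIZON_YEARS = 10

@dataclass
class CbomEntry:
    layer: str             # RAN, core, transport or OSS/BSS
    function: str          # network function or interface
    vendor: str
    protocol: str
    algorithm: str
    confidentiality: bool  # protects data secrecy (vs. authentication only)
    secrecy_years: int     # how long the protected data must stay secret
    sensitivity: int       # 1 (low) .. 3 (high)
    exposure: int          # 1 (internal) .. 3 (crosses untrusted links)
    complexity: int        # 1 (config change) .. 3 (firmware or standards change)

def classify(e):
    # Algorithms missing from the taxonomy are treated as worst case until reviewed.
    return QUANTUM_CLASS.get(e.algorithm, "unknown")

def hndl_at_risk(e):
    # Applies to confidentiality only: secrecy must outlive the assumed horizon.
    return (e.confidentiality and classify(e) in ("broken", "unknown")
            and e.secrecy_years > THREAT_HORIZON_YEARS)

def priority(e):
    urgency = VULN_SCORE[classify(e)] * e.sensitivity * e.exposure
    if hndl_at_risk(e):
        urgency *= 2
    return urgency / e.complexity  # at equal urgency, easier fixes rank first

def migration_matrix(cbom):
    return sorted(cbom, key=priority, reverse=True)

# Constructed sample CBOM; vendor names are placeholders.
CBOM = [
    CbomEntry("core", "SUCI concealment", "vendor-A", "NAS", "ECDH", True, 15, 3, 3, 3),
    CbomEntry("core", "SBA interface", "vendor-B", "TLS", "ECDSA", False, 0, 2, 2, 2),
    CbomEntry("transport", "backhaul tunnel", "vendor-C", "IPsec", "AES-128", True, 15, 2, 2, 1),
    CbomEntry("transport", "link encryption", "vendor-C", "MACsec", "AES-256", True, 15, 2, 2, 1),
    CbomEntry("OSS/BSS", "management plane", "vendor-D", "SSH", "Ed25519", False, 0, 2, 1, 2),
]
```

Calling `migration_matrix(CBOM)` returns the rows in migration order; the Ed25519 row shows how an algorithm outside the taxonomy is scored as worst case rather than silently ranked as safe.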

Preliminary Agenda

Full-day session structure with scheduled breaks. Content is configurable to your network architecture, vendor mix, and regulatory jurisdiction.

Sessions and topics

1. Telecoms Cryptographic Architecture Baseline
   Where cryptography lives across RAN, core, transport, and service layers

2. Cryptographic Discovery Methodology for Multi-Vendor Networks
   Building a Cryptographic Bill of Materials across heterogeneous telecoms infrastructure
  • RAN layer discovery: identifying cryptographic implementations in baseband units, fronthaul (eCPRI), and midhaul interfaces across Ericsson, Nokia, Samsung, and Open RAN vendors
  • Core network cryptography: GTP-U/GTP-C tunnel encryption, 5G-AKA authentication, SUPI/SUCI privacy mechanisms, and SBA (Service Based Architecture) TLS dependencies
  • Transport and backhaul: IPsec and MACsec implementations across MPLS/Segment Routing networks, peering points, and submarine cable landing stations

Break, after 50 min

3. Quantum Vulnerability Classification and Risk Scoring
   Mapping algorithm exposure to quantum threat timelines
  • Algorithm vulnerability taxonomy: classifying RSA, ECDH, ECDSA, AES, SHA across telecoms protocol stacks by quantum vulnerability category (broken, weakened, safe)
  • Data sensitivity and harvest-now-decrypt-later: assessing which telecoms data flows carry information with secrecy lifetimes exceeding the quantum threat horizon
  • Composite risk scoring: combining algorithm vulnerability, data sensitivity, exposure window, and remediation complexity into a prioritised migration matrix

4. Interactive Demonstration: Building a Telecoms CBOM (full-day format only)
  • Working through a reference mobile network architecture to populate a Cryptographic Bill of Materials (CBOM) across RAN, core, transport, and OSS/BSS layers
  • Applying the ETSI GR QSC 006 and NCSC quantum risk assessment frameworks to score each cryptographic dependency by migration urgency
  • Generating a migration priority matrix that accounts for vendor dependency, standards timeline (3GPP Release 19/20), and operational risk

Break, after 60 min

5. Migration Planning and Vendor Readiness
   Turning the inventory into an actionable migration roadmap
  • Phased migration sequencing: prioritising SIM/USIM key agreement, then core network SBA interfaces, then RAN backhaul, based on exposure and feasibility
  • Vendor readiness assessment: evaluating Ericsson, Nokia, Huawei, Mavenir, and Cisco PQC roadmaps against your specific network topology
  • Regulatory alignment: mapping migration phases to NIS2 Directive timelines, national telecoms security requirements (UK TSA, German TKG, French ARCEP), and GSMA PQC guidance

6. Operational Continuity and Testing Strategy
   Migrating without degrading network performance or availability
  • Hybrid classical/PQC deployment: running ML-KEM alongside ECDH during transition to maintain backward compatibility with legacy equipment
  • Performance testing methodology: measuring PQC handshake latency impact on 5G-AKA, GTP tunnel setup, and TLS session establishment at production traffic volumes
  • Rollback planning: designing crypto-agile architectures that allow algorithm replacement without service interruption

7. Q&A and Organisation-Specific Planning

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and telecommunications systems.

Quantum Security Defence

Workshop design and delivery

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

Telecommunications Partners

Domain expertise and operational validation

Telecommunications workshops are co-delivered with sector specialists who bring direct operational experience in telecommunications organisations. This ensures workshop content is grounded in regulatory, operational, and technical realities specific to the sector.

Commission This Workshop

Sessions are configured around your network architecture, vendor mix, regulatory jurisdiction, and current cryptographic visibility. Get in touch to discuss requirements and schedule a date.
