Handle with care: info in a hyper-connected world
The only way to glean great benefits from the digital transformation that characterizes all industries is to use, analyze and store significant personal information. That information enables access to critical health and financial services that we find on multiple devices and infrastructures.
However, storing information is a double-edged sword. According to many experts, cyber attacks and data breaches are increasing at a breakneck rate. In its most recent threat report, McAfee Labs claims that an average of 244 new cyber threats were reported every minute in the first quarter of 2017 – an increase of 53 percent from the last quarter of 2016. That’s more than four every second! These alarming statistics reveal how commonplace covert security incidents have become. And, as we’ve seen in recent headline-grabbing hacks and data breaches, these incidents are affecting everyone from government bodies to private individuals. Is there anything we can do to halt this trend? Of course there is. I have four simple steps to follow. They are below; but first, some context.
Many corporations think buying a box of software tools or passing an audit ensures that they will not get breached. This is far from the truth. Effective cybersecurity needs to look at the entire life cycle across assets to detect, defend and respond. This requires genuine collaboration, continuous operation and trust among stakeholders.
My job is to ensure that cybersecurity and confidence in operator networks remain strong, despite the various opportunities and challenges presented by digital transformation. I’m based in the US, and I regularly attend conferences and customer meetings there, where we talk about blockchain and responsible transactions. Yes, these are incredibly trendy words, but they are also important principles, which we live and die by in Ericsson Managed Services – and in much of the industry.
Thankfully, there is already a rich dialogue between us, operators, the regulators and governmental bodies to help minimize the risks. And, while we need to continue developing these discussions to ensure we make the right decisions, the good news is, we all want the same thing.
An example: We were at the largest security event for our industry event earlier this year with a customer, when he faced a security breach. Our security analysts were able to respond immediately and resolve the issue before any damage could be done. His concerns were alleviated once he saw how quickly we solved the situation and in no time, we turned our thoughts elsewhere and enjoyed a coffee together.
The right amount of proactivity will allow such a relaxed, but not remiss, attitude. Some hackers rely on brute force attacks while others prefer to wait for the perfect moment to maximize disruption. It is crucial that we have the right monitoring mechanisms in place that proactively detect and deter all threats.
Given the experience of running critical infrastructure and handling complex regional regulations and data sovereignty norms, the role of telecom managed service providers is critical. Providers like us are responsible for securely handling large volumes of data and leveraging appropriate controls and monitoring mechanisms.
Did you know that at Ericsson, we have been navigating local regulations and managing critical infrastructure across 100 plus countries for more than 20 years? This is all crucial for cybersecurity and data privacy.
We are hardly alone. We work closely with partners like McAfee Labs, Intel, Cisco and with unique threat intelligence providers to help ensure we all stay ahead of the cyber attackers. Together, we all need to address crucial areas that concern corporations and operators.
My four simple steps to follow are:
- Assess if the security measures is aligned with the business environment.
- Proactively detect the threats that pose a risk of disruption and ensure these are focused on.
- Ensure defense mechanisms function effectively to secure critical network, IT and operational technology infrastructure.
- Proactively and rapidly respond in the event of a breach.
As a key driver of 5G and the IoT, and as we are continuously running secure operations as part of managed services, Ericsson is at the forefront of advising regulators and government bodies in fighting cyberattack threats. The attacks come fast and more frequently, so our best strategy is to take our experience, knowledge and energy in concert with the industry experts, and stay ahead of the attackers.
Related link: white paper explores ways 5G networks can be used to provide highly valuable security services.
About the author:
Karthik Subramanian (Head of Portfolio & Services Managed Security at Ericsson Managed Services) is responsible for the global managed security portfolio and business development. He was instrumental in driving the cybersecurity business strategy at Ericsson and brings two decades of experience in strategy, investments, partnerships, sales and R&D in the technology space.