Editor’s Note: Welcome to our weekly Reality Check column where C-level executives and advisory firms from across the mobile industry share unique insights and experiences.
Telecoms operators have historically proven they are adept at protecting their networks. As security risks increase in scope and complexity over time, the telecommunications industry is becoming more vulnerable to suffering the consequences of such attacks. A successful cyber-attack on a telecommunications operator could disrupt service for thousands of phone customers, sever Internet service for millions of consumers, cripple businesses and shut down government operations.
Operators have made longstanding contributions to critical infrastructure and technology innovation, and our research indicates that they are prepared for some, but not all, of today’s information security challenges. “The Global State of Information Security Survey 2014,” a worldwide study conducted by PwC, CIO magazine, and CSO magazine, polled 456 telecommunications executives to measure and interpret how they combat today’s cyber threats.
Some results were surprising. For instance, while the number of security attacks against critical infrastructure has been rising, the study found that telecoms executives detected 17% fewer security incidents over the past 12 months. Additionally, downtime of networks, applications and services jumped this year to an average of 21 hours, up from 15 hours in the prior year. Exploitation of networks was the most commonly cited impact of security incidents, followed by compromise of data.
(Figure 1: Type of security incident)
What’s more, breach of employee and customer information also increased substantially over last year, potentially jeopardizing an organization’s most valuable relationships. Telecom operators reported that compromise of employee records increased 54% and breach of customer records jumped 44%. Safeguarding customer information is critical because, as one telecom executive says, “If you don’t have customers, you don’t have to worry about new devices or services.”
(Figure 2: Impact of security incidents)
Source of cyber risks
Thirty-seven percent of respondents attribute security incidents to hackers, a significant jump (23%) over responses from the prior year. As a result, many operators are grappling to understand the might and motives of “hacktivist” groups like Anonymous, which have been responsible for many ideologically motivated attacks designed to bring about social change. Some operators are preparing their workforce to recognize and report the type of individual who may belong to such groups.
After hackers, employees present the greatest threat to security. Almost one-third (32%) of operators cite current employees as the source of incidents and 28% lay the blame with former employees. Fifty-nine percent of telecoms respondents said their company has an employee security awareness training program in place, up from last year. That’s progress, but given the potential for damage that an uninformed or careless worker can unleash, all organizations should have training programs in place.
Chasing mobile and cloud risks
Another front-burner issue for telecoms organizations is the proliferating risk of intrusions via mobile devices, whose ubiquity has compounded a number of security risks. But if mobility represents a pressing security challenge for telecom firms, according to the survey, they have done little to deploy security measures. For instance, our data shows that only 45% of telecoms organizations have a mobile device security strategy in place, and fewer (38%)employ mobile device management software, which is essential to safeguarding a fleet of handhelds. Just 36% said they protect corporate e-mail and calendaring on employee- and user-owned devices.
Here’s another finding that caught our eye: A striking lack of security practices exists among telecoms organizations that have implemented customer-facing mobile applications. Only 34% of respondents said they have created secure mobile app development processes, and just 26% employ a unique set of network and firewall policies to protect data. Encryption of data is key in safeguarding information packets in the wild, but only 27% of telecoms respondents said they encrypt sensitive data in the mobile app and just 30% employ transport encryption.
(Figure 3: Initiatives launched to address mobile security risks)
The cloud has been around for more than a decade, and today 50% of operators said they use some sort of cloud service – and of those, 57% said the technology has improved their information security. So it’s a bit surprising to learn that many organizations haven’t seriously addressed the security implications. For instance, while half of telecoms respondents report using cloud services, only 20% include provisions for cloud in their security policies.
It’s imperative that operators implement policies that form the basics of cloud security, including data encryption, protection of business-critical data, ensuring that service providers adhere to security standards, and regulations regarding where data can be stored, among others. They should also require that third-party cloud providers agree to follow security practices.
How telecom operators are improving cyber-security
Telecom businesses are taking action to achieve an enhanced level of ongoing insight and intelligence into ecosystem vulnerabilities and dynamic threats, including boosting information security budgets significantly. This year, the survey found that security budgets and overall IT spending increased over 2012. Despite this increase, however, information security budgets represent only 3.4% of the total IT spend this year, a relatively small investment that has remained constant in recent years, according to the survey.
Another new approach is sharing information with others to improve security and gain intelligence on current threats. Among telecom respondents, 54% said they collaborate with others – including competitors – to improve security and reduce the potential for risks.
Technology safeguards, of course, are another foundational element to secure telecom ecosystems against today’s evolving threats. Operators are deploying solutions that augment threat detection and intelligence capabilities. Specifically, we’ve seen operators increase use of technology safeguards like intrusion-detection tools, asset-management tools, protection and detection solutions, patch-management tools, centralized user data storage and more.
Conclusion
Today, information security is a discipline that demands advanced technologies and processes, a skill set based on counterintelligence techniques, and the unwavering support of top executives. We believe there is a need for a new approach to security, one that’s driven by knowledge of threats, assets, and adversaries. One in which security incidents are seen as a critical business risk that may not always be preventable, but can be managed to acceptable levels. Such a model will enable telecoms companies to effectively manage today’s evolving threats, understand new threats that accompany a shifting business model and prepare for the unknowable threats of tomorrow.