Cybersecurity: A cautionary tale with an optimistic twist
To embed our video on your website copy and paste the code below:
<iframe src="https://www.youtube.com/embed/dPAFQSStv4s?modestbranding=1&rel=0" width="970" height="546" frameborder="0" scrolling="auto" allowfullscreen></iframe>
Sanjay Mewada, Chief Strategy Officer, Netcracker & Phil Rowe, Global General Manager, AT&T
In a wide-ranging discussion Sanjay Mewada of Netcracker and Phil Rowe of AT&T analyse the changes that have taken place in data and cybersecurity in the digital age.
As Phil Rowe explains, digitisation and the digital economy have driven massive global change. New technologies and network architectures have allowed the development of new business models, new services, new products and new mechanisms for opening up new markets that have been of phenomenal benefit to both enterprises and the mass market. However, a major downside has been the huge rise in global cyber-criminality that has accompanied digitisation and the introduction of the new technologies.
Data is the rocket fuel of the digital economy and is also the currency of cyber-criminals. The proliferation of end points that is the direct result of the success of digitisation provides new ways of reaching customers and the spread of new services (such as IoT) brings with it increased risk for enterprises and individuals alike as cyber-criminals ruthlessly exploit network vulnerabilities and cyber attacks proliferate.
This is is a big worry, and, in extremis, even a potential existential threat to CSPs and their customers. As Phil Rowe points out, it is no exaggeration to say that CEOs are more worried about security that they are about market downturns and recessions. If a CEO fails to manage a company's way through economic hard times, he or she will probably get fired, but if a major security lapse of breach happens on his or her watch, a jail sentence looms.
However, there is an upside, as Sanjay Mewada points out. Corporate and individual awareness of such pitfalls has risen markedly, as has general knowledge of digital and privacy legal rights and much wider understanding of the concept of 'informed consent'. Furthermore, initiatives such as tighter and better new regulation and the introduction in Europe of GDPR to protect data and privacy have been welcomed, and have either prevented or stemmed many data breaches and cyber attacks.
Simultaneously, a significant onus has been placed on CSPs and vendors alike because it is their responsibility to ensure that end users, be that in the enterprise or the mass market, can be confident that their data is safe and secure, and that there is the best possible control over the collection, distribution, analysis and access to data being generated at multiple end points, such as in 5G, IoT and M2M.
Sanjay Mewada adds that the impact that new network and IT technologies have had, and are having, on data and cybersecurity is very extensive. Virtualisation and the move to 5G will usher in an era of extremely low latency, very high-bandwidth and very high-capacity networks. As fibre optics reaches all enterprises and almost every household, and as IoT and M2M become commonplace, a mega-tsunami of data will be generated. Furthermore, as everything is virtualised, the network will be distributed and there will be no single owner or entity controlling the network end-to-end. Instead it will be multiple VNF providers and entities working together to create virtualised services and the more distributed the network is, the harder it is to manage and protect.
At the same time the emergence of the intelligent edge will see data being stored, processed, accessed and distributed from there and that creates a multiplier as far as the threats to data security is concerned and that too will have to be very carefully managed.
But wait, there's more, as they say on the TV ads; there's the fact that many services will be delivered with the help of partners and data will be accessed, used, processed and distributed with the help of partners, i.e. entities other than a CSP itself, and this will create an environment and series of gaps through which data might be accessed by unauthorised parties and criminals.
Phil Rowe emphasises that new comms technologies are an immense complex of multiple components, some of which are 3rd party and others proprietary, but all of which are being brought together to deliver the transformed network. Thus, while many parts of the new network are individually secure, it is when they are brought together that network risks are magnified and it is the proper integration all the disparate individual parts that is the key to creating a secure platform.
Phil Rowe also points out that data is now so distributed that as it routinely crosses national and international borders, regulatory environments and different political systems, it is inevitable that these other multiple risk factors create potential problems of data security and privacy. Thus, it is a major concern that these 'fear factors ' could put a brake on the adoption of the digital economy. Phil Rowe says that such concerns are valid and understandable but that enterprises absolutely should not be in fear of security. It is natural to have worries but the drive to digital is unstoppable and those that allow security to dominate their agendas will quickly lose out to their competitors. He says industry should have the confidence in the knowledge that CSPs and solutions vendors will help them solve all their security problems, because they will and because they have to.
Filmed at DSP Leaders Forum 2019, Windsor, UK
Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.