To embed our video on your website copy and paste the code below:
<iframe src="https://www.youtube.com/embed/Xg6T-XOGwFw?modestbranding=1&rel=0" width="970" height="546" frameborder="0" scrolling="auto" allowfullscreen></iframe>
Sanjay Mewada, Chief Strategy Officer, Netcracker & Phil Rowe, Global General Manager, AT&T
In a continuation of their widely-ranging analysis of the state of network security in the age of virtualised networks and 5G, Phil Rowe of AT&T and Sanjay Mewada of Netcracker discuss how telcos and vendors of security solutions should, at all times, keep data security in the forefront of their thinking and at the top of the agenda.
As Phil Rowe says, the first thing to recognise and remember is that telcos like AT&T are delivering to their enterprise customers the platforms, the networks and all other components that enable them to become digital enterprises and so fulfill the potential of all that means, now and in the long-term. Enterprises look to telcos and network operators for advice and direction in helping them to solve their security problems and help in creating a viable security framework. And, as Phil Rowe emphasises. Telcos need to acknowledge that and step up to their responsibilities.
Telcos and carriers can't just absolve themselves from involvement in the issue and claim that security is a problem for the enterprise alone. It's not, and enterprises cannot and should not be expected simply to get on with it on their own and hope for the best. Telcos must accept that ownership of the security problem is theirs and strive always to deliver optimum enterprise solutions. Telcos should routinely provide advice and guidance to enterprises, to tell them about the things they should be aware of and, equally importantly, the things that actually are solely the responsibility of the individual enterprise and are issues that AT&T and other telcos cannot solve and cannot be called upon to solve.
Statistics show that big global enterprises have well over 50 different security components and solutions deployed - and usually siloed. These include firewalls, e-mail gateways, anti-virus software and DDOS attack solutions. There are a myriad of them. They're all good, they all work and most of them are necessary, but yet again it is in the gaps between the components where troubles can lurk and that is a problem of integration and it is the job of telcos to deliver integration across diverse platforms.
The new AT&T Cyber Security Division has coined the phrase "Security Without Seams" and that is the key to what is needed - a sort of overlay, across the top of all the solutions, that is an inherent part of the network's capability, in and of itself, that overarches all components to deliver seamless integration in a secure environment.
The fact is that no-one, can prevent a security threat or stop enterprises being attacked, but what the industry can do is help enterprises to understand where their risks and vulnerabilities lie, how they can protect themselves against future attacks and how to ensure they will not impact their business. And so, the AT&T Cyber Security Division collaborates with the security solutions providers. It is important to stress it is not seeking to replace what are essential components of a security infrastructure but endeavouring to bring them and integrate them so they become a seamless security solution and not just individual point solutions to individual point problems.
Sanjay Mewada echoes the points made in Phil Rowe's analysis and concurs that, of course, some security aspects and components are proper only to an enterprise but stresses that once data touches the network, the responsibilities of companies such as Netcracker kick-in. He adds that Netcracker's security solutions are not just best in class but also meet and then exceed all security requirements.
Sanjay Mewada also stresses that as CSPs transform into DSPs the organisation itself can become a challenge because the transformation means that long-established processes have to be redesigned and changed. For example, today many organisations keep their security functions in separate silos and this old-fashioned organisational stratagem simply won't work in the virtualised network and 5G world. The industry is now experiencing the introduction of the concept of Dev Sec Ops, rather than just Dev Ops. This change makes security the common denominator with security experts embedded in the network, IT, operations and business functions and not part of a single silo somewhere.
Filmed at DSP Leaders Forum 2019, Windsor, UK
Stay up to date with the latest industry developments: sign up to receive TelecomTV's top news and videos plus exclusive subscriber-only content direct to your inbox – including our daily news briefing and weekly wrap.