The five cyber security priorities CSPs must address - now!

Data and cyber security have always been complex subjects but with the global shift to virtualisation the complexity is increasing as concerns about data privacy, data security and data management multiply and thus the impacts on new networks and IT infrastructure are diverse and extensive. At the network level, as virtualisation takes a firm hold, as the move towards 5G accelerates and as apps such as IoT and M2M are layered on what are very low-latency 5G and virtual networks, there will be a tremendous explosion in the number of touchpoints (from the millions and billions to the trillions) accompanied by a massively increased flow of data that will have to be managed, protected and secured.

Also, as intelligence moves to the network edge, be that near or far, yet more data and cyber security challenges are emerging as operations and applications move into the cloud. Private clouds are inherently manageable and potentially highly secure but in a multi-cloud environment data is in multiple locations and that is a major privacy and security headache. However, as Sanjay Mewada points out, these challenges are well understood but for them to be manageable telcos and CSPs need to fundamentally rethink how data is managed and current processes are secured.

Expanding on his argument, Sanjay Mewada says that there is a long list of security and privacy concerns that CSPs need to address but there are five main priorities that should be addressed straight away. Telcos and CSPs should begin by securing all the end touchpoints in their network to ensure that data is controlled and managed in a safe and secure way. Secondly, they must securely manage the partner ecosystem. As new services are created through partnerships, the billing, customer, usage, location and service data will be distributed and invoked by partners as and when necessary for various sets of services so CSPs need to have processes and safeguards in place to be able to allow correct levels of access, control, storage and presentation of data to the partner ecosystems.

Thirdly, CSPs must analyse, fine-tune or change security systems because old processes do not necessarily apply to, or work in, the new environment. Number Four: The move into a multi-cloud environment, cloud operation with embedded security is vital. And, finally, the fifth, but by no means the least, priority is to change the organisational structure of the CSP itself. Currently most of them have vertically siloed security departments and systems. These will have to be replaced by a horizontal organisation whereby security experts and systems will be embedded in all aspects of the network to watch every step of every process to ensure that the totality of the system is secure.

Filmed at DSP Leaders Forum 2019, Windsor, UK