Telecommunications
It’s easy to see why. When a telco’s network fails it often makes the national newspapers. Their credibility, and their ability to retain and win customers, largely rests on the availability of their networks. That’s why ‘five nines’ is the benchmark for the sector (i.e., 99.999% availability).
However, telecom networks are also a prime target for hackers and regularly fall victim to a range of attacks. According to one study, 61% of telcos admitted to being targeted by a ransomware attack between 2021 and 2022.1 As national critical asset, telcos and their networks attract attacks from both financially motivated criminals and nation state threat actors.
What’s more, as Jonathan Gohstand, director of security product marketing at HP points out: “Over the past decade, telcos’ business and operational models have changed dramatically, and that is having an impact on their security needs.”. The advent of software-defined networking is a key driver in this regard. Networks are increasingly commoditised, and telcos are looking to drive revenue through new products and services. This is driving an innovation bonanza, with 77% of global telcos having embarked on more than five business-building initiatives over the past decade.2
Efficiency is crucial to innovation on this scale. Telcos cannot waste resources on hardware for services that only require full provisioning for periods of high demand. Software-defined networking enables flexibility for bandwidth provisioning, routing and other network functions, and telcos are looking for a similar approach to enable the security requirements of their new services.
The shift in telco business models is also impacting the way they look to finance technology investments, including cybersecurity systems. When launching a new product or service, telcos are wary of spending large amounts of capex for something that may or may not gain traction. Many therefore look to move such investments into the opex column of the balance sheet to reduce their financial risk.
Over the past decade, telcos’ business and operational models have changed dramatically, and that is having an impact on their security needs.
CIOs at telcos are on the hunt for innovative approaches to security that are well suited to an agile, software-defined world. Here’s just a few potential steps they could take:
Disaster recovery. There are many potential points of failure that can affect the ability of telcos to meet their “five nines” availability objective. Often overlooked is the ability to get employees’ desktops up and running again following a cyberattack. CIOs should look for PCs and laptops with embedded storage modules capable of maintaining an image of the device OS, such as is delivered by HP Sure Recover. This capability enables users to reimage their endpoint and get working immediately without the need to call for IT support. That means workers can maintain productivity and customer service levels, and the IT team is free to focus on fixing other issues that may have occurred.
Device as a Service. Endpoints are also often overlooked when it comes to unlocking opex-based financing models. Telcos are of course familiar with software, infrastructure and platform capabilities being consumed “as a service”, and the same approach can now be applied to endpoints. In HP’s DaaS model, for instance, the HP team configures, optimises, maintains and repairs devices. As well as removing an operational headache from IT, which can spend more time on strategic work, the approach extends opex financing to new areas of the business.
Device security. While endpoint protection is important for all organisations, it’s arguably more so for telcos. If a device falls into the wrong hands, criminals can potentially steal subscriber data and network configurations or even access network infrastructure. The device is therefore a potential gateway to bringing down networks and putting availability at risk. The ability to remotely lock, wipe and locate lost or stolen devices is therefore mission critical for telcos. Solutions such as HP Wolf Protect and Trace can help in this regard, providing CIOs peace of mind that their IT team can shut off unauthorised access to files and the network from stolen devices.
1 TechTarget, “Top 14 ransomware targets in 2023 and beyond,” https://www.techtarget.com/searchsecurity/feature/Top-10-ransomware-targets-in-2021-and-beyond
2 McKinsey & Company, “How telcos can succeed in launching new businesses beyond connectivity,” February 2022 https://www.mckinsey.com/industries/technology-media-and-telecommunications/our-insights/how-telcos-can-succeed-in-launching-new-businesses-beyond-connectivity
