Balancing telecom security, law enforcement, and customer trust

In this Help Net Security interview, Mark O’Neill, CTO at BlackDice Cyber, talks about collaboration, transparent policies, and a security-first mindset. As 5G and IoT emerge, robust measures and AI will navigate challenges and shape the telecom industry’s future.

Considering the phenomenal increase in mobile and IoT devices, data traffic subscribers, and SIM connections, how have the security challenges evolved for telecom providers?

The telecom industry has had to respond to several changes in the demands and expectations of its consumers. For instance, the pivot to remote working catalysed by the Covid-19 pandemic, combined with the growing consumer expectation for seamless, secure access to personal and financial data, has led us to a junction point.

The walls have crumbled; we’re no longer operating within the safe boundaries of office or home networks. With users connecting from various locations and devices, our security measures must match these patterns. Regardless of the security of the network connection, the consumer should be provided with the protection they need to keep them and their data safe.

As the telecom landscape continues to grow with more devices and subscribers, we find ourselves dealing with an ‘expanded attack surface’. This isn’t just a simple matter of scale, but of sophistication as well. The challenge is both the sheer volume of data and the complexity of network structures, combined with the cunning and sophistication of nation-state actors and modern cybercriminals.

Responding to these evolving threats requires a significant shift in how we approach cybersecurity. Regardless of the security of the network connection, the consumer should be provided with the protection they need to keep them and their data safe. It’s clear that old security playbooks need a serious update.

As we’ve seen an increase in nation-state actors targeting telecom providers for covert surveillance, what can be done to detect and prevent such high-level attacks?

Nation-state actor attacks are distinguished by their strategic objectives, significant resources, sophisticated techniques, and broader implications. While regular cyber-attacks can still be harmful and disruptive, they often lack the geopolitical and strategic dimensions associated with nation-state attacks. The motivations and consequences of these attacks dictate the level of preparedness and response required to detect and, where possible, prevent these types of attack.

To effectively tackle the threat from nation-state actors and other advanced cyber threats, we need to think smart – and that means embracing artificial intelligence (AI) and machine learning (ML). Using AI to set a “normal” baseline for network activity allows us to spot anomalies that could signal an attack. But it’s not enough to have high-tech tools in our arsenal; we need to build a culture of collaboration too. The more we share information about the attacks we’re facing, the stronger we can all become.

AI’s potential goes far beyond just observation and tracking, and its real power comes from not just watching but actively defending its domain – going beyond passive surveillance and reactive responses. It’s time we utilised its capabilities to actively defend our networks. As our homes become data-driven and connected, they simultaneously become prime targets for cybercriminals. Here, AI operates much like a ‘vaccine’ for our networks; inoculating them against cyber threats by analysing and learning from global threat data and emerging cybercrime trends.

The consequences of a security breach can severely damage a company’s reputation. What proactive measures do you recommend to prevent security breaches and ensure protection against espionage, data theft, and downtime?

The solution to our growing security challenges is not as straightforward as upgrading hardware or introducing new firewalls. It requires us to fundamentally rethink our approach and place security at the forefront of our technology decisions. This isn’t just a simple matter of scale, but of sophistication as well, and it calls for due diligence on our technology providers to ensure they meet our stringent security standards and are not at risk of state-sponsored surveillance or espionage.

A security-aware culture is equally vital and necessitates a comprehensive, people-centred approach. We must ensure everyone involved in our services understands the gravity of cybersecurity. AI and ML play instrumental roles in detecting threats, and adopting a zero-trust strategy, where every access request is verified, strengthens our security fabric. To keep our defences sharp, we advocate for regular system testing, including AI-assisted monitoring and penetration testing.

AI and ML present us with an unparalleled opportunity to bolster our defences. By establishing a ‘normal’ network baseline with AI, we can effectively detect anomalies, which may indicate an attack. However, the strength of our defences doesn’t rely on technology alone. We are advocates for building a collaborative culture, sharing threat intelligence within and across industries. By pooling our knowledge, we become collectively stronger and better prepared for cyber threats.

Telecommunication services have the dual role of providing secure services and supporting law enforcement agencies in their fight against crime and terrorism. How can they balance these obligations while maintaining their customers’ trust and privacy?

Trust is as crucial to our industry as technology. We must strike a balance between security and maintaining customer trust. However, balancing security with customer trust is a delicate act.

Customers need to have trust in the telecom provider’s ability to protect their information. Clear communication of the telecom provider’s data usage policies, including the established protocols for sharing information with third parties such as security services and law enforcement agencies, provide transparency and clarity to the customer. Obtaining individual consent to, or the ability to opt-out of, the policies allow the customer to maintain control over their information and how it is used.

Adoption of a “privacy by design” data strategy is essential as we need to be open with our customers about how we use their data, but also show them that we’re doing everything we can to protect it. This means collecting only what we need, and using strong encryption and AI-based anonymisation methods to ensure that personal data stays private.

Ultimately, maintaining open communication with customers and adhering to robust privacy policies will strengthen the relationship between telecommunication services and their users.

How can the telecommunication industry prepare itself for the future, especially with the upcoming 5G networks and the billions of additional devices that will come online?

It’s clear that the telecom industry is on the cusp of a major shift into an era of 5G and IoT. To prepare for the future, a security-first mindset will be crucial for telecom providers.

As we move towards 5G networks and a proliferation of IoT devices, we need to implement robust security measures like a zero-trust model and network segmentation. By doing this, we can reduce the attack surface and make it harder for cybercriminals to exploit our systems. AI and ML will be key tools in managing the large volumes of data generated by these devices, enabling us to spot potential threats quickly and efficiently.

As the number of IoT devices continues to increase, we need to put robust systems in place to manage and secure them. By taking these steps, we can better tackle the complex challenges of today and be ready for whatever the future holds.