main

Service Provider

Network Slicing: Not As Dicey As You Might Think!

May 30, 2019 — by Eyal Yaron1

5GNetworkSlice-960x640.jpg

Every now and again, we hear a new technical term that requires a cursory Google search to make sure we are current with the times. Sometimes new terms are just recycling old concepts. Right now “Network Slicing” is en vogue, promising to help enable the evolution of modern networks. 

At its core, it involves the ability to run multiple virtual networks across a shared physical infrastructure – essentially a separation of data plane and control plane. We have seen these before, for example in Software Defined Networking (SDN) and Network Functions Virtualization (NFV), both of which are inextricably linked to network slicing. Although often used concurrently in 5G discussions, network slicing is, in fact, an architecture paradigm that can exist outside of 5G and provide immense value for service providers in terms of efficient implementation of value-added services that can be monetized as revenue.

[You may also like: 5G: You Can Have Your Slice and Security Too!]

Dedicated Virtual Networks

Network slicing aims to isolate specific application traffic into a dedicated virtual network, whereby each slice carries specific application traffic such as IoT Telemetry or Automotive. Having an isolated virtual network enables different use cases to have unique network characteristics to a diverse end-user community. It also provides an opportunity to match allocated resources for the slice to expected usage patterns and specific value-points of the end-user services.

An example of a slicing application is telemetry sensors. Telemetry sensors that are required to send data every 12 hours may settle for high latency values, low bandwidth, and centralized compute services in the cloud. An industrial IoT which controls the manufacturing floor will require low latency and local compute with high-bandwidth at the far edge. In this case, building a network which is required to share both of the services will not be efficient and will create unbalanced costs. Imagine if you had to build an 8 lane high-way and let bicyclists ride it occasionally!

[You may also like: 5G Security in an API-Driven Economy]

Cyclists vs. Autos

But with network slicing, the service provider can offer a different connectivity based on a dedicated slice, which ensures the service offerings do not overlap. In our example, that would be one road crafted only for cyclists and a different road for autos. Having a dedicated slice (e.g. road) can keep costs and expected revenues better aligned; for example, we assume in our analogy that a truck driver will pay more compared to a motorcyclist.

With respect to slicing implemented around the topic of network security in particular, service providers can offer a security posture that gives them the best chance to keep costs in check while keeping the network safe and affordable to operate. 

For more information on this, come hear Radware’s Eyal Yaron speak at 5G World Congress in ExCeL, London on June 12. Details for Eyal’s panel can be found here.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Service Provider

5G Security in an API-Driven Economy

May 15, 2019 — by Travis Volk0

5G_API-960x640.jpg

Over the last six years, solution architects have been designing the transformation of Service Provider’s networks to significantly reduce the timing of service and feature deployment lifecycles, standardizing on real-time service provisioning, consumption and end user autonomy.  This challenge has been in parallel to delivering highly scalable and cost effective solutions. 

These solutions, along with automation, are addressing emerging security challenges while extending tailored outcomes to individual lines of business and customers. The result is better security, user experiences and a broader addressable market. 

So how does this hard work improve our execution of 5G transformations? 

All About Those Apps

First, the fully automated software delivery model allows us to address the complexity of a widely distributed architecture in a repetitive model.  Network and security alignment improves resource allocation while optimizing consumption-based delivery from edge systems. 

[You may also like: The Necessary Burden of 5G Security]

The “edge” may have more than one meaning in this discussion, as service delivery platforms are no longer constrained to a single autonomous system. This flexibility leads Service Providers to a new era of content management and monetization as applications are deployed across numerous computing platforms to minimize latency. 

It is important to appreciate that these capabilities are all made possible because of application-to-application dialog that transpire over APIs.  Traditionally, application and API exposure had been constrained to IDC infrastructure. This meant that a secure DC or security gateway framework was used to harden the exposure of numerous applications in the same physical location. All of these applications communicated to the internet via a common path. In the scope of security design, this was a relatively easy problem to address. 

[You may also like: 5G: You Can Have Your Slice and Security Too!]

Now, take a step back to the previous ideology of 5G and it jumps out at you that API and application protections become a key component in modern edge security. 

From Security Zones to Network Slices

It is also interesting to recognize that traditional volumetric defense for infrastructure protection is changing rapidly.

Anomalous traffic easily evading netflow detection has been eroding precious core resources for too long.  When security functions are built into the network, attacks are automatically addressed locally, avoiding back-hauling attacks and driving efficiency back into the core. This highly scalable infrastructure protection strategy also serves as a point of escalation for more sophisticated or persistent attacks seen in gateways, applications and APIs. 

As we transition from security zones to network slices, this multi-tiered approach further lends itself to the decomposition of highly intelligent machine learning algorithms deployed contextually for the relevant protocols and applications. 

[You may also like: Safeguarding 5G Networks with Automation and AI]

As an example, IoT anomaly detection on the access edge requires very different algorithms than used for detecting attacks from the internet thru the peering edge. When we speak about application and API protection, protecting a mobile application requires entirely different techniques than addressing behavioral analysis for fraudulent account abuse. Having the ability to protect, adapt and optimize attack lifecycle management in cooperation with the orchestration layer for end-to-end security has been our greatest achievement in modern security design.

The Modern Landscape

Maybe the punchline is becoming obvious at this point but addressing end-to-end security with the ability to escalate application abuse to the edge of the system in a widely distributed architecture has become a modern landscape requirement. 

[You may also like: How to Prevent Real-Time API Abuse]

Automation is working on our behalf to drive agility into engineering, provisioning, billing and operations. With predefined workflows, analysts enjoy alert-driven processes and/or fully automated protection strategies designed to meet the high availability demands throughout a complex system.

If you track my work at all, you will appreciate that I have dedicated the last twenty years designing highly adaptive services.  If you are curious how you too can maximize security revenue across multiple lines of business, please reach out in the comment section below; service creation is one of my favorite points of discussion. 

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Service Provider

The Necessary Burden of 5G Security

May 14, 2019 — by Eyal Yaron0

5gburden-960x495.jpg

Today’s infrastructure threats will have major impacts on tomorrow’s 5G commercial networks. 5G network slicing, virtualization and disaggregation introduce new levels of complexity to network security, requiring a high-level of automation in security on-boarding, scale-out and attack mitigation.

5G security is absolutely required to be thought about in a Day 1 network build and ‘weaved’ into the network architecture. Otherwise, the immense job of re-architecting the network afterward will be a cost-prohibitive exercise.

Service providers are faced with a necessary burden of managing security threats in the 5G network.

Your ‘Typical’ Security Solution

A typical network security solution will include several security elements, such as firewalls, DDoS protection devices, IPS/IDS, etc. Each system may require its own domain expertise when it comes to proper configuration and tuning. When a carrier-grade network slice is under attack, dedicated expertise is required for handling changes and setting the proper mitigation actions. With the new paradigm of 5G network slicing coming onto the scene in a highly distributed network, carrier security teams will be challenged.

[You may also like: 5G: You Can Have Your Slice and Security Too!]

Service providers are already in a precarious position of creating healthy profit margins with the onslaught of over-the-top data and video traversing their networks. New revenue streams are tough to come by, and so the other lever available to influence margins is cost control. However, the cost economics do not scale well when contemplating an increase in security staff to prepare for 5G. The new attack vectors are just too complex and too high in volume to adequately address with a bloated Security Operations Center (SOC) of just human oversight and management. 

Stronger Visibility

What makes more sense is adoption of a comprehensive security solution used across all network slices to benefit from ease of management and SOC skill sets.

Vendor technology designed around the concept of self-learning with respect to threat detection not heavily dependent on pre-configured rules is the ideal toolkit for service providers. Minimal setup and configuration lower the overall carrier security team effort around system operation. Now, instead of manual provisioning and troubleshooting, the SOC specialist can look at a dashboard to see what was detected by the system and what mitigation actions took place to defend against malicious threats to the system.  This yields strong visibility into network security threats across all network functions and slices.

[You may also like: Here’s How Carriers Can Differentiate Their Offerings]

In the new 5G security play, the various security functions are on-boarded per slice in alignment to the required network capabilities and desired distribution. The total investment in security computing resources and licenses aligned with the network slice investment allowing carrier better control on the risks and the costs associated with specific network slice.

Automated attack mitigation capabilities provide the security team with ‘peace of mind’ that all ‘war time’ actions are taken care of in automated manner with no manual intervention by security administrators. 

So although 5G carries with it very challenging security issues, service providers can be proactive in creating a security posture that gives them the best chance to keep costs in check while keeping the network safe.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

SecurityService Provider

Bot Management: A Business Opportunity for Service Providers

April 30, 2019 — by Radware0

BotManagementSP-960x540.jpg

Over half of all internet traffic is generated by bots — some legitimate, some malicious. These “bad” bots are often deployed with various capabilities to achieve their nefarious objectives, which can include account takeover, scraping data, denying available inventory and launching denial-of-service attacks with the intent of stealing data or causing service disruptions. Sophisticated, large-scale attacks often go undetected by conventional mitigation systems and strategies.

Bots represent a clear and present danger to service providers. The inability to accurately distinguish malicious bots from legitimate traffic/users can leave a service provider exposed and at risk to suffer customer loss, lost profits and irreparable brand damage.

In an age where securing the digital experience is a competitive differentiator, telecommunication companies, management services organizations (MSOs) and internet service providers (ISPs) must transform their infrastructures into service-aware architectures that deliver scalability and security to customers, all the while differentiating themselves and creating revenue by selling security services.

[You may also like: Bot Managers Are a Cash-Back Program For Your Company]

Bot Traffic in the Service Provider Network

Bot attacks often go undetected by conventional mitigation systems and strategies because they have evolved from basic scripts into large-scale distributed bots with human-like interaction capabilities. Bots have undergone a transformation, or evolution, over the years. Generally speaking, they can be classified into four categories, or levels, based on their degree of sophistication.

The four categories of malicious bots.

In addition to the aforementioned direct impact that these bots have, there is the added cost associated with increased traffic loads imposed on service providers’ networks. In an age of increased competition and the growth of multimedia consumption, it is critical that service providers accurately eliminate “bad” bots from their networks.

[You may also like: The Big, Bad Bot Problem]

Staying ahead of the evolving threat landscape requires more sophisticated, advanced capabilities to accurately detect and mitigate these threats. These include combining behavioral modeling, collective bot intelligence and capabilities such as device fingerprinting and intent-based deep behavioral analysis (IDBA) for precise bot management across all channels.

Protecting Core Application from Bot Access

Bots attack web and mobile applications as well as application programming interfaces (APIs). Bot-based application DoS attacks degrade web applications by exhausting system resources, third-party APIs, inventory databases and other critical resources.

[You may also like: How to Prevent Real-Time API Abuse]

IDBA is now one of the critical capabilities needed to mitigate advanced bots. It performs behavioral analysis at a higher level of abstraction of “intent,” unlike commonly used, shallow “interaction”-based behavior analysis. IDBA is a critical next-generation capability to mitigate account takeovers executed by more advanced Generation 3 and 4 bots, as it leverages the latest developments in deep learning and behavioral analysis to decode the true intention of bots. IDBA goes beyond analyzing mouse movements and keystrokes to detect human-like bots, so “bad” bots can be parsed from legitimate traffic to ensure a seamless online experience for consumers.

API Exposure

APIs are increasingly used to exchange data or to integrate with partners, and attackers understand this. It is essential to accurately distinguish between “good” API calls and “bad” API calls for online businesses. Attackers reverse engineer mobile and web applications to hijack API calls and program bots to invade these APIs. By doing so, they can take over accounts, scrape critical data and perform application DDoS attacks by deluging API servers with unwanted requests.

Account Takeover

This category encompasses ways in which bots are programmed to use false identities to obtain access to data or goods. Their methods for account takeover can vary. They can hijack existing accounts by cracking a password via Brute Force attacks or by using known credentials that have been leaked via credential stuffing. Lastly, they can be programmed to create new accounts to carry out their nefarious intentions.

[You may also like: Will We Ever See the End of Account Theft?]

As its name suggests, this category encompasses an array of attacks focused on cracking credentials, tokens or verification codes/numbers with the goal of creating or cracking account access to data or products. Examples include account creation, token cracking and credential cracking/stuffing. Nearly all of these attacks primarily target login pages.

The impact of account takeover? Fraudulent transactions, abuse of reward programs, and damage to brand reputation.

Advertising Traffic Fraud

Malicious bots create false impressions and generate illegitimate clicks on publishing sites and their mobile apps. In addition, website metrics, such as visits and conversions, are vulnerable to skewing. Bots pollute metrics, disrupt funnel analysis and inhibit key performance indicator (KPI) tracking. Automated traffic on your website also affects product metrics, campaign data and traffic analytics. Skewed analytics are a major hindrance to marketers who need reliable data for their decision-making processes.

[You may also like: Ad Fraud 101: How Cybercriminals Profit from Clicks]

The Business Opportunity for Service Providers

Regardless of the type of attack, service providers are typically held to high expectations when it comes to keeping customer data secure and maintaining service availability. With each attack, service providers risk customer loss, brand reputation, lost profits and at the worst, costly governmental involvement and the resulting investigations and lawsuits.

These same business expectations apply to service providers’ customers, many of whom require security services. Although large organizations can attempt to develop their own in-house bot management solutions, these companies do not necessarily have the time, money and expertise to build and maintain them.

Building an adaptive bot mitigation solution can take years of specialized development. Financially, it makes sense to minimize capex and purchase a cloud-based bot mitigation solution on a subscription basis. This can help companies realize the value of bot management without making a large upfront investment.

Lastly, this allows service providers to protect their core infrastructure and their own customers from bot-based cyberattacks and provides the opportunity to extend any bot management solution as part of a cloud security services offering to generate a new revenue stream.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Service Provider

5G: You Can Have Your Slice and Security Too!

April 25, 2019 — by Louis Scialabba0

5g_slice-960x667.jpg

We have heard it before. Another generation of mobile architecture is upon us and we are euphoric for all the cool things we can do more of.  And of course good marketers will swear that you can lasso the moon if you have enough money to pay for it.

Let’s inspect 5G for what it really is, save the hype.  It is an upgrade in the mobile architecture that pushes new computing elements and services closer to the edge in order to scale and improve network performance.  The 5G specifications rely on virtualized and distributed network functions that span across remote locations, and is heavily dependent on robust, secure interworking between remote and local virtualized network functions. 

5G also opens the network to new services using IT protocols and Open APIs – the latter of which introduces significant additional liability on the responsibility of the carrier network security owner.

I’ll Take a Slice of That

The “Network Slicing” concept in 5G aims to isolate specific application traffic into a dedicated virtual network. Each slice carries the traffic originating from a specific application, such as IoT Telemetry and Autonomous Vehicles, Smart City and Smartphone. Each application has its unique network traffic pattern and requires specific security policies. Having an isolated virtual networks brings security benefit and limits security risk impact to the specific slice.

[You may also like: Here’s How Carriers Can Differentiate Their 5G Offerings]

Sharpening the Edge

With this new network paradigm based on service-based architecture (SBA), the previous 3G and 4G network element boxes transformed into a cloud of micro-services functions, distributed and disaggregated based on the carrier coverage needs and specific applications deployed in the carrier network. The new architecture exposes many internet interfaces in various network segments from the core peering link up to the far-edge compute to address scale and low-latency requirements.

Such mass exposure of external internet interfaces significantly raises the cyber security threat level. IoT and its applications running at the far edge provides new services based on vast usage of open, published interfaces based on HTTP\2.  On one hand, this enables openness and service agility, and on the other, extensive exposure to attacks tools and tactics using publicly available information to wreak havoc on network infrastructure and services. 

In other words, the new 5G security perimeter has widened and expanded far beyond what we are familiar with in LTE and 3G world.

A Call to Arms

A typical network security solution will include various security elements such as firewalls, DDoS protection, web application firewall, etc. Each system may require its own domain expertise when it comes to proper configuration and tuning. When a carrier network is under attack, dedicated expertise is required for handling changes and setting the proper mitigation action.

With the new reality of network slicing and highly distributed network functions carrier security teams will be overburdened unless they employ an automated, self-learning defense mechanism. With the current telecom carriers, the economics of an increase in security staff is not an option when moving toward 5G – it just doesn’t scale from a cost-perspective and it puts human engineers at a disadvantage to ever-increasing machine-based bot attacks. 

[You may also like: Here’s How Net Neutrality & Wearable Devices Can Impact 5G]

Automation as Table Stakes

A comprehensive security solution used across all network slices benefit from ease of management and required team expertise. Security vendors must design security products around the concept of self-learning, which is essentially threat detection not heavily dependent on pre-configured rules. 

Minimal setup and configuration is required in 5G to lower carrier security team effort around system operation.  An automated attack mitigation capability provides security teams with ‘peace of mind’ that all attack time actions taken care without manual intervention by security administrators, with strong visibility into network security threats across all network functions and slices.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

SecurityService Provider

Out of the Shadows, Into the Network

April 9, 2019 — by Radware1

darkness-960x540.jpg

Network security is a priority for every carrier worldwide. Investments in human resources and technology solutions to combat attacks are a significant part of carriers’ network operating budgets.

The goal is to protect their networks by staying a few steps ahead of hackers. Currently, carriers may be confident that their network security solution is detecting and mitigating DDoS attacks.

All the reports generated by the solution show the number and severity of attacks as well as how they were thwarted. Unfortunately, we know it’s a false sense of well-being because dirty traffic in the form of sophisticated application attacks is getting through security filters. No major outages or data breaches have been attributed to application attacks yet, so why should carriers care?

Maintaining a Sunny Reputation

The impact of application attacks on carriers and their customers takes many forms:

  • Service degradation
  • Network outages
  • Data exposure
  • Consumption of bandwidth resources
  • Consumption of system resources

[You may also like: How Cyberattacks Directly Impact Your Brand]

A large segment of carriers’ high-value customers have zero tolerance for service interruption. There is a direct correlation between service outages and user churn.

Application attacks put carriers’ reputations at risk. For customers, a small slowdown in services may not be a big deal initially. But as the number and severity of application attacks increase, clogged pipes and slow services are not going to be acceptable. Carriers sell services based on speed and reliability. Bad press about service outages and data compromises has long-lasting negative effects. Then add the compounding power of social networking to quickly spread the word about service issues, and you have a recipe for reputation disaster.

[You may also like: Securing the Customer Experience for 5G and IoT]

Always Under Attack

It’s safe for carriers to assume that their networks are always under attack. DDoS attack volume is escalating as hackers develop new and more technologically sophisticated ways to target carriers and their customers In 2018, attack campaigns were primarily composed of multiple attacks vectors, according to the Radware 2018–2019 Global Application & Network Security Report.

The report finds that “a bigger picture is likely to emerge about the need to deploy security solutions that not only adapt to changing attack vectors to mitigate evolving threats but also maintain service availability at the same time.”

[You may also like: Here’s How Carriers Can Differentiate Their 5G Offerings]

Attack vectors include:

  • SYN Flood
  • UDP Flood
  • DNS Flood
  • HTTP Application Flood
  • SSL Flood
  • Burst Attacks
  • Bot Attacks

Attackers prefer to keep a target busy by launching one or a few attacks at a time rather than firing the entire arsenal all at once. Carriers may be successful at blocking four or five attack vectors, but it only takes one failure for the damage to be done.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Mobile DataMobile Security

Here’s How Net Neutrality & Wearable Devices Can Impact 5G

March 28, 2019 — by Mike O'Malley1

5GNetNeutralityDevices-960x540.jpg

AT&T and Verizon are committed to an aggressive, multi-city roll out plan in a race to be the first carrier to implement national 5G deployment. We see this competition play out almost daily in the news: AT&T’s “5G E” is slower than Verizon 4G,  Verizon declares 5G war on AT&T, Verizon inks a deal with the NFL to bring 5G to stadiums, and so forth. And yet, despite this newsworthy competition between telecom giants, we still have a limited understanding of the benefits and risks of 5G.

There are the obvious benefits – faster service, for one – and risks, like insufficient security infrastructure. But what about other, less considered factors that can impact 5G (both positively and negatively), such as net neutrality and wearable devices? How do they play into the risks and rewards of this communications (r)evolution?

Net Neutrality

Currently, net neutrality in the U.S. is embroiled in partisan politics and it’s unclear whether these regulations will be reinstated. But operating under the current status, in which net neutrality rules are suspended, service providers stand to profit from 5G.

[You may also like: Here’s How Carriers Can Differentiate Their 5G Offerings]

As we’ve previously discussed, 5G allows for service providers to “slice” portions of a spectrum as a customizable service for specific types of devices and different customer segments—and without net neutrality, carriers can conceivably charge premium rates for higher quality of service. In other words, service providers could profit by charging select industries that require large bandwidth and low latency – like healthcare and manufacturing, for example – higher premiums.

This premium service/premium revenue model represents a significant ROI for carriers on their 5G infrastructure investment. Not only does slicing provide flexibility for multi-service deployment, it enables the realization of diverse applications on that physical resource, which helps recoup cost for the capital investment.

[You may also like: Don’t Be a “Dumb” Carrier]

However, because implementation will be patchy, with initial focus on high-density, urban areas (versus rural populations), the so-called digital divide may very well deepen, not just for consumers but for rural industries like healthcare and agriculture as well.

Wearable Devices

IoT devices have outpaced the human population for the first time in history. And 5G will undoubtedly  fan the flames of interest in wearable devices, due to its projected speed and availability of data.  

While these devices can certainly make life easier, and even potentially healthier (think about the ECG app on the Apple Watch!), they also carry enormous risk. Why? Because they’re hackable – and they contain a treasure trove of sensitive data, like your location, health stats, and more. And the risk doesn’t only impact the individual wearing an IoT device; enterprises are likewise at risk when their employees wear devices at work and transmit data over office WiFi.    

[You may also like: Securing the Customer Experience for 5G and IoT]

What’s Next?

With the ever-changing nature of internet regulations and the explosion of wearable devices, security must be top-of-mind for service providers. Not only is security advantageous to end users, but for the carriers as well; best-of-breed security opens the possibility for capturing new revenue streams.

No matter the complexity of securing 5G networks, there are solutions. For example, service providers should consider differentiated security mechanisms, offering security as a service to vertical industries, and segregating virtual network slices to safeguard their networks. And of course, let the (security) experts help the (carrier) experts.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Mobile SecurityService Provider

Here’s How Carriers Can Differentiate Their 5G Offerings

February 28, 2019 — by Mike O'Malley0

5g-960x636.jpg

Much of the buzz surrounding this year’s Mobile World Congress has focused on “cool” tech innovations. There are self-driving cars, IoT-enhanced bee hives, smart textiles that monitor your health, realistic human chatbots, AI robots, and so forth. But, one piece of news that has flown relatively under the radar is the pending collaboration between carriers for 5G implementation.

A Team Effort

As Bloomberg reported, carriers from Vodafone Group Plc, Telecom Italia SpA and Telefonica SA are willing to call “a partial truce” to help each other build 5G infrastructure in an attempt “to avoid duplication and make scarce resources go further.”

Sounds great (who doesn’t love a solid team effort?!)…except for one thing: the pesky issue of competing for revenue streams in an industry fraught with financial challenges. As the Bloomberg article pointed out, “by creating more interdependent and overlapping networks, the risk is that each will find it harder to differentiate their offering.”

[You may also like: Securing the Customer Experience for 5G and IoT]

While this is certainly a valid concern, there is an obvious solution: If carriers are looking for differentiation in a collaborative environment, they need to leverage security as a competitive advantage.

Security as a Selling Point

As MWC19 is showing us in no uncertain terms, IoT devices—from diabetic smart socks to dairy milking monitors—are the way of the future. And they will largely be powered by 5G networks, beginning as early as this year.

Smart boot and sock monitor blood sugar, pulse rate, temperature and more for diabetics.

Which is all to say, although carriers are nervous about setting themselves apart while they work in partnership to build 5G infrastructure, there’s a huge opportunity to differentiate themselves by claiming ownership of IoT device security.

[You may also like: Don’t Be A “Dumb” Carrier]

As I recently wrote, IoT devices are especially vulnerable because of manufacturers’ priority to maintain low costs, rather than spending more on additional security features. If mobile service providers create a secure environment, they can establish a competitive advantage and reap financial rewards.

Indeed, best-of-breed security opens the possibility for capturing new revenue streams; mobile IoT businesses will pay an additional service premium for the peace of mind that their devices will be secure and can maintain 100% availability. And if a competing carrier suffers a data breach, for example, you can expect their customer attrition to become your win.

My words of advice: Collaborate. But do so while holding an ace—security—in your back pocket.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Mobile SecurityService Provider

Securing the Customer Experience for 5G and IoT

February 21, 2019 — by Louis Scialabba3

iot-5g-networks-cybersecurity-blog-img-960x519.jpg

5G is set to bring fast speeds, low latency and more data to the customer experience for today’s digitized consumer. Driven by global demand for 24×7 high-speed internet access, the business landscape will only increase in competitiveness as service providers jockey to deliver improved network capabilities.

Although the mass roll-out of the cutting-edge technology is expected around 2020, the race to 5G deployment has already begun. In addition to serving as the foundation for the aforementioned digital transformation, 5G networks will also deliver the integral infrastructure required for increased agility and flexibility.


But with new benefits come new risks. As network architectures evolve to support 5G, it will leave security vulnerabilities if cybersecurity isn’t prioritized and integrated into a 5G deployment from the get-go to provide a secure environment that safeguards customers’ data and devices.

Cybersecurity for 5G shouldn’t be viewed as an additional operational cost, but rather as a business opportunity/competitive differentiator that is integrated throughout the overall architecture. Just as personal data has become a commodity in today’s world, carriers will need the right security solution to keep data secure while improving the customer experience via a mix of availability and security.

For more insight into how service providers can mitigate the business risks of 5G deployment, please read our white paper.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Mobile SecurityService Provider

Don’t Be A “Dumb” Carrier

February 12, 2019 — by Mike O'Malley0

dumbcarrier-960x540.jpg

By next year, it is estimated that there will be 20.4 billion IoT devices, with businesses accounting for roughly 7.6 billion of them. While these devices are the next wireless innovation to improve productivity in an ever-connected world, they also represent nearly 8 billion opportunities for breaches or attacks.

In fact, 97% of companies believe IoT devices could wreak havoc on their organizations, and with good reason. Security flaws can leave millions of devices vulnerable, creating pathways for cyber criminals to exfiltrate data—or worse. For example, a July 2018 report disclosed that nearly 500 million IoT devices were susceptible to cyberattacks at businesses worldwide because of a decade old web exploit.

A New Attack Environment

In other words, just because these devices are new and innovative doesn’t mean your security is, too. To further complicate matters, 5G networks will begin to roll out in 2020, creating a new atmosphere for mobile network attacks. Hackers will be able to exploit IoT devices and leverage the speed, low latency and high capacity of 5G networks to launch unprecedented volumes of sophisticated attacks, ranging from standard IoT attacks to burst attacks, and even smartphone infections and mobile operating system malware.

Scary stuff.

[You may also like: IoT, 5G Networks and Cybersecurity: A New Atmosphere for Mobile Network Attacks]

So, who is responsible for securing these billions of devices to ensure businesses and consumers alike are protected?  Well, right now, nobody. And there’s no clear agreement on what entity is—or should be—held accountable. According to Radware’s 2017-2018 Global Application & Network Security Report, 34% believe the device manufacturer is responsible, 11% believe service providers are, 21% think it falls to the private consumer, and 35% believe business organizations should be liable.

Ownership Is Opportunity

Indeed, no one group is raising its hand to claim ownership of IoT device security. But if service providers want to protect their networks and customers, they should jump at the chance to take the lead here. While service providers technically don’t own the emerging security issues, it is ultimately the operators who are best positioned to deal with and mitigate attack traffic. While many may view this as an operational cost, it is, in actuality, a business opportunity.

In fact, the Japanese government is so concerned about a large scale IoT attack disrupting the 2020 Tokyo Olympics, they just passed a law empowering the government to intentionally identify and hack vulnerable IoT devices.  And who is the government asking to secure the list of devices they find vulnerable? Consumers? Businesses? Manufacturers?  No, No, and NO.  They are asking service providers to secure these devices from attacks.

[You may also like: IoT, 5G Networks and Cybersecurity: Safeguarding 5G Networks with Automation and AI]

Think about it: Every device connected to a network is another potential security weakness. And as we’ve written about previously, IoT devices are especially vulnerable because of manufacturers’ priority to maintain low costs, rather than spending more on additional security features. If mobile service providers create a secure environment that satisfies the protection of customer data and devices, they can establish a competitive advantage and reap financial rewards.

From Opportunity to Rewards

This translates to the potential for capturing new revenue streams. If your mobile network is more secure than your competitors’, it stands to reason that their customer attrition becomes your win. And mobile IoT businesses will pay an additional service premium for the knowledge that their IoT devices won’t be compromised and can maintain 100% availability.

[You may also like: The Rise of 5G Networks]

What’s more, service providers need to be mindful of history repeating itself. After providers lost the war with Apple and Google to control apps (and their associated revenue), they earned the unfortunate reputation of being “dumb pipes.” Conversely, Apple and Google were heralded for capturing all the value of the explosion of mobile data apps. Apple now sits with twice the valuation as AT&T and Verizon, COMBINED.  Now, as we are on the precipice of a similar explosion of IoT apps that enterprises will buy, the question again arises over whether service providers will just sell “dumb pipes” or whether they will get involved in the value chain.

A word to the wise: Don’t be a “dumb” carrier. Be smart.  Secure the customer experience and reap the benefits.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now