Deutsche Telekom ICSS: A view from inside wholesale security
Capacity media recently spoke to Mardia van der Walt (Niehaus), senior vice president International Carrier Sales & Solutions at Deutsche Telekom. She gave us her insights into the state of security on a business, personal and societal level.
Within the last few years cyberattacks have increasingly made the headlines. Do you think companies are doing enough to help stop these assaults?
Some companies, yes. Others no. A majority of the general public has by now understood the disastrous effects cyber criminality can have on society as a whole as well as on individual organisations.
That’s because many have been directly and personally affected. Just this year attacks have hit the National Health Service in the UK, the German railway system, US voter records and a huge credit scoring company that exposed information from 143 million US consumers.
And those are just a few. With the backlash that some of these organisations have since been receiving, and the damage to their brands that entails, I think businesses will now take more seriously their responsibility to make services as secure as possible.
Many of those attacked have had to answer to an angry customer base that wants immediate solutions. Which is something most are not going to be able to provide in the short term – and that is why it is so important to be prepared for the worst.
Cleaning up the damage afterwards can be a never-ending story.
In your mind, what would be a worst-case scenario when it comes to security breaches?
A lot of technology is vulnerable today. Cars, smart homes, banking, hospitals – all these have already experienced hacks that have sometimes been really devastating.
As more and more connected ‘things’ come onto the marketplace, there are more entry points for attackers.
In addition, there are many start-ups that want to put their product on the market as soon as possible, and do not give security the consideration they should. When thinking about the worst case: It is very worrisome to imagine scenarios where entire cities or even larger populated areas could be cut off from electricity, access to their bank accounts or government services.
In fact, the latter happened years ago in Estonia after a massive attack. But such situations could happen on a widespread scale unless everyone – not just telcos, not just industries, but really everyone – gets together to help tackle this problem.
Users also have to become more aware, and not needlessly or unknowingly provide their personal information across the internet.
What should be done concretely to help boost cybersecurity?
It starts with what I believe is the most basic factor – we need to train more security experts. There are not enough people right now with skills in cyber security. And it is a problem that will become more and more critical as the months and years go on. Companies are already generating massive amounts of data, and as they all jump onto the digitalisation bandwagon, there will be even more mountains of data. Data that will need to be kept secure for years to come. It is said that artificial intelligence should help to be able to quickly scan for anomalies, but someone has to be able to program those intelligent programs, the human factor cannot be dismissed. By the time you’ve been attacked, it is too late. That’s why companies really need to focus on prevention and to invest in people who can help them shore up their defenses.
What is ICSS doing to help in the fight against cyber assaults?
At ICSS we see security as one of our main areas of concentration. We are actively working to help with the fight, on many different fronts. It’s a long list, starting with ensuring the security of our own network and driving industry-wide security initiatives.
We also participate in global programs to identify and track cyberattacks, make sure our own solutions are inherently secure, partner with other leading security companies and have launched a service we call our 360° Defense Strategy.
The 360° Defense Strategy is a comprehensive solution that protects our customers against all kinds of cyber criminality, such as theft, fraud or ransomware.
We wanted to quickly set up a state-of-the-art solution to protect against those massive DDoS volumetric attacks the world has been seeing.
So we joined up with the experts at Arbor Networks and can now offer our clients over 8 Tbps of mitigation capacity via Arbor’s cloud-based scrubbing centers.
However, since application layer attacks cannot be detected by cloud solutions, we also offer a wide range of local, on-premise devices as well as customised solutions for specific needs or defense against multi-vector attacks.
For those customers routing their traffic across our network, we offer additional backbone protection.
Today there are more mobile phones in the world than ever before, which has offered criminals a new method of attack. What are you doing in this area?
Thanks for bringing that up. Loopholes in the SS7 protocol, together with the huge volumes of mobile phone usage, have meant a large increase of security breaches in this area too.
Criminals are able to read messages, listen to calls or even see where a user is located. That’s why we offer our SS7 Firewall.
It monitors and analyses signals for anomalies to help keep our client’s network clean.
In addition, we provide a service called SMS+ Protect, to safeguard against text messaging fraud. SMS+ Protect has a truly unique dynamic filtering service that – unlike other offerings – is able to detect the continually changing behavior of grey route traffic.
I could go on and on with other solutions offered by ICSS, but I guess we’ve run out of time.
So please let readers know that they can find all our services and products on our website!