TRENDING
Leverage behavioural analytics and
Machine Learning for security and
user privacy
For an end-user to develop a high degree
of trust with the operator, it is imperative
for the operators to put in all necessary
measures to safeguard not just the user’s
devices, but also their data that is stored or
moved through the operator’s network.
Moiz says: “For the network operators,
this is no longer a ‘nice to have’ but with
regulations in Europe such as GDPR, it
is a must and if not complied it can cost
operators millions in fines, lost revenue
and negative branding.” In August 2017,
the UK Information Commissioner’s Office
fined TalkTalk £100,000 for security failings
that enabled an IT contractor to access the
personal data of 21,000 customers. The
mobile operator could have faced as much
as a crippling £59 million fine if the EU’s
General Data Protection Regulation (GDPR)
had been in place. So, it’s vital for telecom
operators to leverage behavioural analytics
and Machine Learning for their network
security and subscribers’ data privacy.
Constantly measure your security
posture and risk levels with the
right balance of proactive and
reactive security
Telco security strategy needs the right balance
of proactive and reactive approaches. With
the dynamic evolution that operators’
networks are undergoing with virtualisation
of network functions, cloud uptake, Internet
of Things (IoT) and 5G, a holistic review of
end-to-end security architecture is needed
covering three areas of people, process and
tools. Similarly, what is important is that a
blue print must be created for next generation
security operations – an area where Nokia
is supporting some of the leading telecom
operators globally. As an example, GDPR
specifies that organisations must protect
personal data by design and by default.
This means telcos need to govern who
and what – employees, third parties,
applications, processes, unmanaged devices –
has ‘privileged’ access to the personal
data handled.
Moiz states that there are three steps for
ensuring GDPR compliance that are covered
by Nokia’s NetGuard Security Suite:
1. Protect personal data with effective
identity access management
You need a strong identity access
management (IAM) strategy backed by
effective solutions to comply with article
25. An IAM solution that can isolate,
monitor and record all privileged sessions
will help you and your partners meet
GDPR accountability, notification and
reporting requirements.
2. Use automated anomaly detection to
respond to breaches quickly
A solution that automates anomaly
detection and access blocking can help
you respond to cyberthreats proactively.
This type of solution uses real-time
network analytics and traffic profiling to
assess environmental risks and identify
abnormal user and entity behaviour.
3. Demonstrate continuous
compliance through auditing
and compliance management
Auditing and compliance management
solutions can enable you to identify
exactly who and what accessed
personal data. Solutions that support
tamper-resistant audit logs and session
recordings enhance overall security and
provide the detailed data you need
to demonstrate GDPR compliance. In
the context of all the new regulations,
compliance has moved on from a
unregular ‘check-box’ exercise to a tool-
supported continuous service.
5G requires new, dynamic and
flexible security architectures
With 5G technology expected to increase
the number of applications in IoT and
Smart City areas, telecom operators expect
increased security threats. 5G will enable
5G security drivers
26
INTELLIGENTCIO
www.intelligentcio.com