Improved Arsenals Equip CSPs for 2017 Cybersecurity War

Service providers' continued investment in virtualization is equipping them to more rapidly, accurately and cost effectively combat the ongoing onslaught of malware, hackers and employee misconduct that costs each breached company about $4 million per stolen record.

And that's critical because hackers have a much larger canvas to attack, given the widespread and growing adoption of Internet of Things with its billions of frequently under-protected sensors; mobile devices with access to cumulative petabytes of personal information and cloud computing, which is only as secure as its weakest link.

"The expanding attack surface enabled by technology innovations such as cloud computing and IoT devices, a global shortage of cybersecurity talent and regulatory pressures continue to be significant drivers of cyber threats. The pace of these changes is unprecedented, resulting in a critical tipping point as the impact of cyber attacks are felt well beyond their intended victims in personal, political and business consequences," cautions Derek Manky, global security strategist, at Fortinet Inc. "Going forward, the need for accountability at multiple levels is urgent and real affecting vendors, governments and consumers alike. Without swift action, there is a real risk of disrupting the progress of the global digital economy."

Building a better arsenal
As operators design virtualized networks and implement cloud, many are incorporating security from day one, Dilip Pillaipakam, vice president and general manager of service provider business at Infoblox tells the New IP Agency. This empowers service providers to leverage built-in capabilities found within network functions virtualization and software-defined networks, he says.

"For telcos and service providers, elastic scale -- a key feature of NFV/SDN -- can help improve security. More specifically, we see elastic scaling being very useful in absorbing DDoS attacks on the DNS infrastructure with the ability to spin up additional capacity in the midst of an attack," says Pillaipakam. "This can help the network withstand an attack before the mitigation mechanisms kick in."

By integrating security into the network, service providers also improve customers' ability to protect employees during this time of shadow IT. Multiple studies find CIOs vastly underestimate the number of cloud-based apps their organization runs; in fact, enterprises operate about 20-times more cloud apps than they think, Blue Coat's 2016 Shadow Data Report finds. A whopping 95% are not SOC 2 compliant, 71% don't deliver multi-factor authentication and 11% of enterprise cloud apps are still vulnerable to at least one major exploit, the study says.

"While some organizations will attempt to legislate security via corporate policy, in 2017 the most enlightened companies will recognize the implicit threat of sub-par IT services. The most successful IT and info-sec teams will collaborate on simultaneously modernizing and securing their infrastructure with SDN, orchestrated NFV security services, advanced encryption and identity management, integration of cloud services and compartmentalization of local apps," recommends Larry Tam, managing director of Hong Kong and Macau at Brocade Communications Systems Inc. (Nasdaq: BRCD).

Automation is crucial to improved security -- and NFV plays a big role in automation enhancements. AT&T, for example, is using an integrated platform of best-of-breed technologies to provide managed security services, says Jason Porter, vice president of security solutions at AT&T Inc. (NYSE: T) in an interview.

"There's no vendor out there -- from a technology perspective -- that can do everything, right? You've got specialists in threats, specialists in mobile end points, specialists in IoT, specialists are everywhere. And so that's what I see moving us to and I believe other managed security providers will start moving that way in this platform approach, with high automation and high integration between all of the controls and the threat platform," he says.

Cloud implementation puts some of the security onus onto service providers. Many enterprises don't regularly update servers, for example, according to the Cisco 2016 Midyear Cybersecurity Report.

In addition to the automation and scalability inherent in virtualized networks, service providers also must ensure they have visibility into their networks, along with context to generate data for improved analysis -- and protection, says Jason Landry, senior solutions marketing manager at Ixia, in a company blog. Likewise, CSPs need to monitor performance -- not only to meet SLAs, but also to alert security staff to possible intrusions or malware, he says. Lastly, resilience ensures organizations continue to operate if under attack; cloud and virtualization gives enterprises agility; the same flexibility that allows a retailer to deal with an unexpected surge in sales also helps that store function when its network is under attack and invaluable resources must shift to other infrastructures.

— Alison Diana, Editor, The New IP Agency. Follow her on Twitter @alisoncdiana or @The_New_IP.