Nokia’s Security Center, Scare Tactics, and Why Operators Need to Get Serious About Security

Jason Marcheck
Jason Marcheck

The following is an excerpt of a Current Analysis Advisory Report, which the full text can be accessed by subscribers by clicking here.

For many of us, either with significant others or without, Valentine’s Day can be exciting, frightening or depressing – and sometimes any combination of the three. With that specter looming, Nokia’s Security Center Analyst Day, held on February 12 in Berlin, was very much in keeping with the uncertainty that a “holiday” like Valentine’s Day brings: One part scare tactics, and for those lucky enough to take the right precautions, followed by reassurance and validation.

There was no shortage of important insights to be gleaned from the event; we captured most of them in an analysis for our customers. The Cliff’s Notes version, however, goes something like this.

Insights from the Nokia Security Center

First, the scary bits. For those visiting the center for the first time, Nokia begins the tour with a few demos of how easy telecom networks are to hack, followed by some stats that demonstrate just how vulnerable those networks can be. For example, Nokia pointed out that:

  • The proliferation of smart devices will give cyber criminals unprecedented access to sensitive personal data
    • 90% of smart devices today collect at least one piece of personal information via the device, an app or the cloud
    • 70% of devices use unencrypted network services
  • Small cells will introduce orders of magnitude more access points into the network (compared to today’s macro-centric network topologies)
  • IoT is going to introduce billions of unsecured access points into operator networks

True, none of these things are a complete revelation for those that pay attention to industry trends. However, the vendor did follow up with a bit of its own primary research that could give operators visiting the center a chill. According to Nokia, a survey it conducted revealed that 75% of end-users consider security to be part of their service provider’s responsibility. Since even high powered smart devices don’t have the horsepower to run sophisticated virus protection in the background (in the way that our laptops can), operators that don’t take the right precautions can be in danger of receiving a black eye over factors, such as end-user browsing habits, which it has little power to control.

The Path Forward for Vendors

As smart device proliferation and IoT in general become more pervasive, operators will demand dramatically more sophisticated security solutions. As such, vendors will have to make security a more overt aspect of their overall go-to-market strategy. To be sure, Nokia is not alone in recognizing that security is an issue. There is a laundry list of vendors that claim to be making security an increasing priority. Given the clandestine nature of security, there is, undoubtedly, plenty they will be doing behind the scenes. However, from a public facing perspective, here are five fairly simple recommendations that we’ll expect to see:

  1. Put a stake in the ground by highlighting how security is being baked into gear
  2. Going further, detail how product roadmaps will “bake” security into product/solution messaging related to 5G, SDN/NFV, IoT as a means of making it part of the everyday conversation
  3. Detail specific security-based services offerings (a la Nokia Security Services, Ericsson Managed Security)
  4. Demonstrate how the rubber has met the road by detailing customer engagements
  5. Build case studies that quantify, for SPs, the benefits of establishing security oriented brand recognition (i.e. if 75% of subscribers expect security to be supplied by SP; demonstrate the upside in terms of customer loyalty, top line growth, etc.) – especially if they hope to offer their own security services.

Leave a Reply