Operator Resistance to Automation is Slowly Breaking Down, Especially in Security

John Byrne – Service Director, Global Technology Telecom and Software

Summary Bullets:

  • Cisco’s new Cybersecurity Report shows that networks are facing an increasing level of threat from a growing number of threat sources, and attacks from malicious actors are getting more sophisticated.
  • Now enterprises and communication service providers need to embrace analytics, automation and artificial intelligence to help identify threats and mitigate damage from attacks.

A new Cybersecurity Report from Cisco reveals some scary statistics that confirm what most public network operators – AT&T, Vodafone, Deutsche Telekom, Comcast and the like – already know  too well – network security is leaky, getting more so, and the attacks are coming from more “threat vectors” than ever. And public network operators – which are perhaps the most vulnerable targets given their access to millions of enterprises and consumers – need to engage in a never-ending battle to stay one step ahead of the bad guys. That, in turn, means CTOs and security executives will need to move much more aggressively on the three “As” – analytics, artificial intelligence (AI), and automation – in order to prevent breaches, mitigate damage, protect sensitive customer data.

The Cisco report calls out a few of the concerning proof points:

  • Malicious e-mail and spam remain as key points of vulnerability since they deliver malware directly to end devices such as smartphones and laptops at the click of a button.
  • The incidence of Distributed Denial of Service (DDoS) attacks is growing – 42% of organizations reported this kind of attack in 2017 – and the attacks are doing more damage and getting harder to root out.
  • Encryption is growing as a way to ensure web traffic remains secure, with 50% of web traffic encrypted in November 2017, up from just 38% the year before. Unfortunately, malicious actors are also getting better at using encryption to conceal malicious code used to infect unwitting Internet users.

After factoring in lost revenue, lost customers, missed opportunities, and out-of-pocket costs, Cisco estimates 53% of all cybersecurity attacks last year resulted in financial damages in excess of $500,000 to the affected enterprise.

There is some good news though on adoption of the three “As”: Cisco reports that 83% are relying on automation to help lock down security, with nearly 3/4 using some form of AI, while 92% of enterprises report that behavior analytics have been effective in helping to recognize malicious network activity and limit its damage to the network. Given the continued reluctance of many operators to embrace automation broadly within their network operations, their willingness to accept the importance of automation in network security is a good sign; going forward, as operators embrace virtualization, cloud-native microservices, and DevOps, automation will become increasingly vital to manage networks that are becoming exponentially more complex to operate and maintain.

While enterprises across the board face cybersecurity challenges, public network operators face unique burdens in ensuring that their networks are as secure as possible for their millions of customers. There is good news here as well though, as these operators are getting new help from vendors. In February 2018, Nokia launched a Security Risk Index assessment service to help network operators identify security breaches and benchmark their end-to-end security against industry best practices, in addition to offering a Managed Security service that relies on advanced analytics to identify threat patterns.

Despite the positive steps, though, it appears from the Cisco data that enterprises and public network operators are facing a moving target as they look to lock down security. With malicious actors finding more and more ways to attack networks, and the Internet of Things exponentially increasing the number of points of vulnerability, CTOs will need to embrace the three “As” much more aggressively or face the very real potential of becoming the next security breach headline.

Leave a Reply