Traditionally telcos have set up security barriers according to standards and industry best practices (GSMA Guidelines) in order to meet security challenges. As the industry and markets are rapidly changing from traditional telcos to digital service providers and our collaborative eco-system is changing, new security capabilities are needed to respond to increased advanced threats. Additionally, national and international laws and regulations require new and more sophisticated security solutions.
From CSP to DSP
Telenor is currently changing from being a communication service provider (CSP) to becoming a digital service provider (DSP). This indicates that Telenor has moved on from offering core traditional telecom services, to providing mobile broadband access, services, content and apps- all sold directly from the devices. In this new eco-system, Telenor will increasingly meet advanced threats that either aim to steal information, modify customer data or make services unavailable.
Examples of new threats to the industry are attackers who try to find open doors through applications and lower level infrastructure to gain entrance. Other relevant threats are ID theft or privacy breaches, insider threats and attacks/malware to either alter systems or information or bring services down (denial-of-services attack).
New preventive actions needed
Telenor has always taken security seriously, and faced with these new threats we see a clear need for even more advanced security solutions. Telenor is continuously implementing security capabilities to prevent and reduce the effect of advanced threats, including the ability to swiftly detect and respond to unwanted activities. This includes a number of actions related to preventive controls, including monitoring and detection, vulnerability assessments and incident management and response across all our business units.
Response to cyber-attacks
When faced with cyber-attacks, Telenor follows industry standards. The first priority is to assess the situation and notify authorities according to relevant legal and regulatory requirements. Following this, an incident response team will monitor the attack and implement necessary security controls until normal operations can be resumed. Such incidents are necessarily handled with a high degree of confidentiality until they are closed.
When incidents are closed and normal operations resumed, Telenor will share relevant experience and knowledge with customers and other key stakeholders. We want to draw attention to the fact that security breaches are happening and precautionary actions are needed both in Norway and globally, including reporting relevant incidents to police and other authorities.
Telenor has developed a security strategy and set an ambitious target state for security towards 2018. The ambition is to have a strong commitment to security which enables Telenor’s strategic ambitions as a digital service provider. Telenor aims to develop a business mindset in security with customer driven privacy solutions and value-add in our digital and telecommunication services. The objective is to enable Telenor’s overall strategy on becoming the customer’s preferred and trusted secure partner in digital life through Telenor-class security.
Key security initiatives
In order to reach the target state ambition of 2018 Telenor has initiated a set of key security initiatives. Among these are:
- Vulnerability scanning of internet exposed IP-addresses, signaling system (international
interconnections over SS7) and data centers
- Setting up a pilot for a regional/global security operation center (SOC) and a computer emergency
response team (CERT) –to identify attacks and handle critical incidents
- Strenghten our capabilities related to security intelligence – in order to have a more proactive approach to future threats
Work through international fora
Telenor is an active contributing member in international security fora working to protect network and customer data against attacks, fraud and crime. In this context the two most relevant fora are the Information Security Forum (ISF) and the GSM Association Fraud and Security Group (FASG).
In ISF, Telenor is a member of the Council where we are giving valuable input to the strategy. Here we also keep a good dialogue with vendors and partners in order to share intelligence and build response.
In the GSM Association Fraud and Security Group (FASG), Telenor actively participates in setting direction within the fraud and security domain for the whole industry.