Reading Time: 4 minutes
For any mobile network operator, data is considered to be the crown jewel, making it the company’s most valued asset. The idea that awareness may be growing about the security of those crown jewels among the general public is music to our Telenor security experts’ ears.
“As a mobile operator, we are responsible for a lot of sensitive information. We are extremely aware of how valuable that is, which is why we spend every second working to protect that data to the best of our ability,” explains Peter Ottis, Security Analyst at Telenor Group. He’s joined in those beliefs and efforts by colleague Alisa Mujanic, a Business Security Officer.
“The threats facing users and customers today are complex and constantly evolving, so users depend to a large extent on companies to protect their data,” Mujanic adds.
“Companies have to own up to that trust.”
SmartLife survey puts focus on how people feel about the security of their information
According to the SmartLife survey run by Telenor Research in late 2019, security awareness is clearly present in Asia and the Nordics, where Telenor has its operations. Security concerns are in particular widespread in Malaysia, where a whopping 60 percent of the respondents worry that their personal data might be stolen.
For Malaysians, cyber security is on their radar
“Based on reports, we see an increase in cyber attacks in Malaysia recent years. People are paying more attention. That’s putting cyber security on everyone’s radar, no longer just the IT,” says Sivakumar S.Nagaretnam, Head of the Cyber Security department at Digi Telco, Telenor’s daughter company in Malaysia.
Cyber security stories, too, are starting to find their way into in the media. The COVID-19 crisis has further escalated the trend.
“Businesses across Malaysia are taking this seriously. They are doing their best to make customers more aware about how their information is being stored and kept safe,” says Nagaretnam, touching on a chief concern among those surveyed by Telenor Research.
Shifting threats, from tangible to invisible
Lost or stolen credit cards used to the thing that we worried about most. It’s a visible and concrete threat, but it’s one that’s become very manageable these days. Theft of your identity or your personal information, however, isn’t quite so concrete. Sometimes, the most advanced threats go completely undetected, making this invisible enemy even more difficult to get a grip on.
In 2017, a number of tools used by the American NSA and CIA were leaked online, giving hackers access to advanced and effective ‘cyber weapons of mass destruction’. This has given rise to more frequent and more sophisticated ransomware attacks, according to Telenor cyber security experts. If the company under attack doesn’t pay up, they face the threat of wiped or locked data which could bring their business to a halt.
Ottis adds that this increase in attacks wasn’t something companies were very open about.
“Back in 2017, it was almost shameful for a company to admit that they were under attack. It meant negative consequences particularly in the form of a dip in the share price, so they kept quiet. Now the discussion has become much more mature, as companies see that there is more value in openness. In addition, new legislation in certain parts of the world is making it a requirement to report these attacks.”
Companies being more open makes people more aware
It’s critical that each individual feels a sense of responsibility for their personal data. Weak passwords are the number one source of information theft, which comes down to the users.
“Using the same password over time, across multiple accounts, and especially across private and corporate is perhaps the greatest risk a user takes, exposing both your private sensitive information and possibly also sensitive corporate information. Don’t make yourself an easy target by keeping your passwords easy to remember for everything, because that’s when the hacker gets access to everything,” says Mujanic.
Strong security requires investment, smart resources and constant vigilance
At the heart of what Telenor companies are doing globally (to protect their customers’ information) is a robust global monitoring service. This keeps tabs of all Telenor’s infrastructure in all markets, giving the company greater visibility and situational awareness. In addition, Telenor is also a believer in its own resilience building, implementing the defendable architecture principle.
“The purpose is that if it happens, we are able to contain it more effectively, so it doesn’t spread,” says Ottis.
In the eyes of these two cyber security experts, the Telenor Research survey results showing considerable citizen concern about security has nothing but upside. Concern means awareness and awareness means action, as Mujanic says.
“This awareness contributes to further mature the conversation on the impact of cyber attacks on all levels of society, including the shared responsibility for cyber security across industries and value chains,” she adds.
“The more everyone knows, the more we can all do to protect ourselves.”