Should Telcos Engage In Cyber Offense?
Sometime “the best defense is a good offense”. This adage has been applied to the battlefield and in martial arts. The question is, should the be applied to maintaining the security of the cyber-borders of a nation, by the Telcos who are the gatekeepers and the border maintainers.
We are building on our thesis from the last issue’s column, where we proposed that Telcos should be like an army, protecting the nation’s virtual borders – as part of their core offering to the masses – rather than just offering Managed Security as a value-added service that is only available to the deep pocketed larger organizations.
The Telcos are keeping the gateways, proxies and internet infrastructure running and for all practical purposes all traffic in and out of a country pass through their nodes. As such they have an unprecedented view in to the traffic streams. We would all like to assume that privacy is present but keeping the privacy discussion aside – the Telcos have an unparalleled access to the bits and bytes that are so vital to the economy and the public.
The Telcos should implement stringent security controls at the borders – similar to immigration checks at border posts – to ensure that only the right traffic gets in and out of the nation. The availability of a vast number of highly scalable tools that are able to detect malware in thick data pipes can make it fairly straightforward to detect and clean the traffic coming in and going out of a country. It is a rather mature technology solution and can be implemented in a rather straightforward manner. Why it is not done – is more of a policy debate and political will and ROI goals of the Telcos.
But beyond that, the Telcos should not only actively protect the cyber borders from cyberthreats – but also track the threat generators and go after them – so as to ensure these threats don’t appear again in the same format six months from now.
We have always been on the side of protection and “clean-up” after the mess left by various cyber attacks on organizations. Basically closing the barn door after the horse has already been stolen. By then it is too late. Most organizations in the region are easy pickings for the skilled hackers who we have seen, launch multiple attacks on their victims. What we are seeing now is that the market is getting very frustrated with the open pipes and repeat attacks. They cannot handle the deluge of attacks and their frequency. They need help. Not only do they want to get “cleaner” pipes by default from the Telcos and service providers – they also want these same service providers to actively pursue the attackers in the virtual world and real world courtrooms.
With these trends in mind, Telcos should not only create a strong and “filtered” pipe for the nation, they should also pursue attackers where they are – to ensure the cyber-safety of the businesses and citizens. This would require a change in thought from the very top and a move towards finally acknowledging that a nation’s cyber borders are just as important as its physical borders. Will it happen ? probably – when ? we hope sooner than later…
The writer is the CEO of a Cybersecurity and cloud services company based in Dubai. In this occasional series of columns he will describe the real issues companies face in these areas and how they can improve their situation. For obvious reasons, he prefers to be anonymous. He may be reached at email@example.com.
Telcos ,Engage , Cyber, Offense