Security takes many forms, but it is increasingly important that security is built into telecoms service offerings if customers are to be protected from the increasing variety and sophistication of threats. Without adequate security e-commerce, online services, content delivery and even voice communications are under threat, and as a result, so are telcos’ revenues and reputations. Telecoms service providers are ideally positioned to act now and provide their customers (retail and wholesale) with a suitable range of security services.
Society, business and government are now inextricably dependent on telecoms infrastructure and the effective, efficient and secure operation of services over that infrastructure. At the same time, the parties involved in providing any single end-to-end service have grown in number, and in the complexity of their interrelationships. Each participant brings its own expertise and makes its own particular contribution towards the overall services. However, we need to accept that any human endeavour, be it process, product or service, has its faults and vulnerabilities. For this reason, security and security services are an increasingly important part of the jigsaw. Although no security system can be guaranteed to be 100% secure and fault-free, building security into telecoms from an early stage can significantly reduce the risk of telecoms service loss, degradation, interception or corruption.
The nature of security threats has radically changed from touch-tone ‘phreaking’ (the use of artificial dial-tones to route calls for little or no charge) and virus attacks by ‘amateur hackers’ flexing their intellectual muscles, to co-ordinated attacks carefully orchestrated by fraudsters, identity thieves and other criminals. Telecoms service providers must urgently take action to counter the so-called ‘criminalisation of the Web’. This action should include securing the boundaries of their networks, embedding intelligence within the network to detect anomalous behaviour, and encouragement of customers to adopt security infrastructure and processes.
