NEW YORK -- Mobile Network Security Strategies: New Threats, New Opportunities -- Network security specialists need to be less reactive and more innovative in addressing threats, Gus de los Reyes, executive director of technical security for AT&T Inc. Security Research Center said here today.
De los Reyes also outlined AT&T's approach to security, which is to build a smarter network that incorporates security at its edges. The operator believes this approach will eliminate threats and prevent further network congestion.
He admitted that, to date, the real innovators in the security arena are the hackers, who are constantly finding new ways to attack networks. Increasingly, these attacks are strategic -- aimed at long-term capture of intellectual property or other specific monetary goals -- and well-funded.
"We have to try to turn the model around and not constantly react," de los Reyes said. "We have to somehow get ... the innovation into the security space, not the hacker space."
One model for that approach would be the world of cryptography, de los Reyes explained, where new schemes are constantly being devised and then made public, so their vulnerabilities can be determined and the schemes improved.
AT&T's approach to addressing what de los Reyes admits are growing threats, is to build security nodes within its network that examine all traffic, identifying and eliminating malware, viruses and other bad actors, and then passing on only what is perceived to be "good" traffic.
There is a commercial opportunity to provide that service for enterprise users, which increasingly find that their own firewall/security efforts are overwhelmed by the volume and complexity of threats against their networks and the differing services they support for employees, including mobility.
To protect its own networks, AT&T has developed a network security services platform that addresses its converged wireline and wireless network and is developing a network-based security private gateway that sits between the Internet and the cloud, and any type of access network (wired, cellular, Wi-Fi), to protect customer devices.
"We have been concentrating on how to use the network as a security device, to leverage [the] power of the network," stated de los Reyes. "We want to do that as close to the edges of the network as possible."
The network is a better place to provide security since all traffic traverses the network, and it has the resources -- in terms of compute power and 24-7 operations -- to best provide complete security, he noted. Client-based solutions can cooperate with the network, but alone are inadequate.
"At the [converged] network level, we can correlate traffic to find broader problems and prevent them from hitting the mobile network where resources are more scarce," said de los Reyes.
Further coverage from Light Reading's Mobile Network Security Strategies event:
â€” Carol Wilson, Chief Editor, Events, Light Reading