Orange Business Services is ramping up investments in its portfolio of cybersecurity offerings amid recent reports of high-profile security breaches, the company has revealed.
This month the operator opened a new "scrubbing" center in New York to help it detect and deal with so-called DDoS (or distributed denial of service) attacks, which bombard online services with huge volumes of traffic to bring them down.
Orange Business Services has also been investing in a threat intelligence database and has burnished its security capabilities with the April takeover of Lexsi, a cyber-defense business with a team of 50 analysts.
The moves come after Orange set up a distinct cyber-defense division two years ago, putting all of its security expertise under one roof.
Of the 21,000 employees at Orange Business Services, around 1,400 now specialize in security, with about 600 of those focused on network security and the remainder handling specific customer projects.
Thomas Gourgeon, the head of international business development for Orange's cyber-defense unit, says both risks and awareness of cyber attacks are growing.
"With mobile and the cloud, corporate environments are opening up and there is no perimeter to secure any longer," he said during a meeting with reporters at Orange's Paris facilities. "But there are a number of global data protection regulations that are coming along and they will make cybersecurity a key topic -- S&P and Moody's [two rating agencies] are even now using this as one of the criteria in their ratings assessments."
The overall cyber-defense business has been growing at an annual rate of about 25%, according to Orange executives, and currently maintains a number of global teams to handle the range of threats that are emerging.
These include six security operation centers (or SOCs) that can react on a round-the-clock basis as well as two cyber SOCs employing threat-management experts, who are described by Gourgeon as "ethical hackers."
"The threat landscape is heterogeneous -- there are targeted attacks aimed at taking down an entire business but quite rare as well as mainstream attacks that are much easier to do," he says. "You have to look at the whole spectrum because the mainstream attacks can be used as a smokescreen."
Indeed, hackers that targeted France's Le Monde newspaper in early 2015 used "phishing" techniques -- whereby fraudulent emails were sent to several reporters -- as a means of infiltrating the organization.
A tiered cybersecurity approach
Partly through Lexsi, Orange runs training programs for clients to raise awareness of phishing and is also working to ensure its own employees are well briefed about the risks of these mainstream attacks.
Those initiatives form part of a tiered approach to cyber defense that starts with the "basics" of education and security governance before moving up to the "reactive" techniques used by the SOCs.
The next stage involves taking a more "proactive" approach to cyber defense through the use of the cyber SOCs, but the ultimate goal -- says Gourgeon -- is to be more "predictive" and anticipate threats before they have even caused any damage.
It is for that reason that Orange has been making investments in a threat intelligence database that analyzes multiple sources to detect signs of danger for customers.
The database currently stores about 14 million entries from around 400 data sources, allowing Orange to provide information to customers about imminent threats.
"There is no customer-related information in the database that we sell," emphasizes Rodrigue Le Bayon, the head of cybersecurity operations for Orange Business Services. "But we can extract information and provide that to the customer in real time."
Crucially, the database is being fed by and aiding the work of analysts at Lexsi, whose threat defense center has been set up to prevent and respond to various types of cyber attack.
The new scrubbing center in New York, meanwhile, complements two others in Europe and boosts Orange's "mitigation" capability from 2 terabits per second (Tbit/s) to about 2.8 Tbit/s.
Essentially, that puts Orange in the position of being able to identify a number of large DDoS attacks at the same time.
Orange's cybersecurity team now claims to serve about 720 multinational customers and manage about 60,000 pieces of security equipment worldwide.
While the Orange Group does not break out figures generated by Orange Business Services, it singled out security as a driver of growth in its 2015 annual results.
"We're putting cyber defense in all that we do," says Gourgeon. "That means selling security services to customers but also embedding security in the initial design of what we do."
— Iain Morris, , News Editor, Light Reading