Security Strategies

BTE 2015: Spare a Thought for the Network Security Team

Network operator security teams suffer from an unfair reputation and could do with some help and support from the rank and file within service providers and from top-level management.

So says Heavy Reading chief analyst Patrick Donegan, who will be hosting a number of security-related sessions during the Big Telecom Event (June 9-10 in Chicago).

"There is a perception that network operator security teams are the bad guys, that they are putting the block on the commercial teams. But that's not the case. They are on top of the challenges and understand all the threats, even if they don't currently have all the ideas about how to mitigate the threats. They are actually at the front line of moving things forward and they need their management teams and peers to step up and help," says Donegan, who has been delving into evolving network security issues for several years. (See Mobile Ops Must Hike Security Spending , Mobile Security: The Snowden Fallout and Mobile Ops Lose $15B Yearly to Network Outages.)

The security teams can only do so much without broader support, continues the analyst. "The security folks have a limited budget and the challenges they face are enormous. Security threats are growing -- it's an increasingly aggressive landscape and the level of vulnerabilities only grows" when SDN and NFV are added to the network architecture.

"The security teams at the network operators need two things. They need other departments to step up and take on some of the low-level security responsibilities within an organization -- the security teams have better things to do. And they need greater support from executive management. The top teams needs to embrace the new QoS -- differentiated Quality of Security.

"Operators need to be willing to provide variable levels of security depending on the needs of a service or customers and sometimes that will involve a relaxation of the very highest levels of security. The security teams can achieve this, but executive teams need to take responsibility… the processes and lines of communication to achieve this don't currently exist," says Donegan. (See Security Suffers From 'Not My Job' Mentality .)

Want to know more about network security? This will be just one of the many topics covered at Light Reading's second Big Telecom Event on June 9-10 in Chicago. Get yourself registered today or get left behind!

There also needs to be a greater awareness of what advanced network security strategies and support can bring to the table, adds Donegan. "When we look at security issues around the use of hypervisors, SDN controllers and the opening up of APIs to customers, the security team understand them and are actually more positive about the impact of these technologies than they are negative. The combination of SDN and NFV actually enables security to be implemented in a more unified and coherent way and also open up new revenue opportunities -- it provides operators with a more efficient and manageable way to offer and sell security services to enterprises." (See Surprise! The Cloud Has Security Advantages.)

— Ray Le Maistre, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profile, Editor-in-Chief, Light Reading

kq4ym 6/4/2015 | 5:55:22 PM
Re: Network Teams Add Value to IT Security Initiatives Support of course is sorely needed espcially when the results of the security team's efforts will so greatly affect the organization. Probably one the great points to consider is how organiztions "need other departments to step up and take on some of the low-level security responsibilities." Delegating these tasks would certainly add to better results.
SeniorPr83671 6/4/2015 | 9:18:09 AM
Network Teams Add Value to IT Security Initiatives Patrick Donegan's comment stating that network teams cannot effectively face the security threat onslaught alone is spot on. Turns out that in our own study (bit.ly/1EsMOds), results clearly show there is help for the security squad close at hand via the network team. Of note, 85 percent of networking teams we surveyed are involved with investigating security issues and nearly 70 percent spend up to 10 hours per week on this effort. Beyond simply performing damage control and quantifying compromised assets, they are also more proactively involved in providing insight to strengthen security measures. Critical to their value, as you state in the last paragraph of the story above, is the deployment of advanced network strategies that leverage monitoring tools for back-in-time analysis by capturing and storing all network traffic. Often to solve the most critical threats, you need every packet. Only then can you be assured all IT resources are malware free and all compromised assets identified.

Brad Reinboldt, JDSU Solution Manager
Sign In