Security Strategies

Network Security: Innovation in Isolation?

LONDON -- InfoSecurity Europe 2016 -- Communications service providers have a great opportunity to take a leading position in the security services market but they'll need to collaborate, and quickly, if they're not to suffer a repeat of the missed cloud services opportunity that still haunts the telcos.

That's my key takeaway from a brief visit to this (largely enterprise security-focused) show in London, which boasts hundreds of exhibitors, thousands of visitors and a palpable buzz.

That conclusion came from the chat I had with Jaya Baloo, the chief information security officer at Dutch national operator KPN Telecom NV (NYSE: KPN), after she had delivered a keynote speech on the need for quantum key distribution (QKD) capabilities to be introduced to make data communications more secure in a world where security agencies and many others are getting smarter at accessing information.

She noted that it's still early days for QKD, as currently it needs the use of a dedicated fiber and even then that is only possible over short distances of about 50 kilometers maximum. (There are efforts to introduce Free Space QKD using lasers and low earth orbit satellites but that sounds even further down the road...)

Baloo called for a common security sector strategy on the development of QKD, but that's proving tough as there are so many differing opinions about what is possible and what will work.

What about collaboration, at least, among the major telcos, to see if there's common ground at least in the communications services sector? That's not happening currently, she noted, but it's something she is keen to be involved in.

Call for Collaboration
KPN's chief information security officer, Jaya Baloo, wants to work with other telcos on network security developments -- so who's up for it?
KPN's chief information security officer, Jaya Baloo, wants to work with other telcos on network security developments -- so who's up for it?

And as it happened Baloo wasn't able to chat any more than that as she was being whisked away for a meeting with Andrew Lord, head of optical research at BT Group plc (NYSE: BT; London: BTA), so at least the Brits and Dutch are looking at ways to collaborate.

And BT has plenty to offer in terms of cybersecurity innovation. (See How BT Deals With Security Threats and Leading Lights 2016: The Winners.)

It seems to me there needs to be a broader and more concerted effort, though. KPN is already pushing ahead with QKD tests between two of its data centers in partnership with ID Quantique, a Swiss encryption technology expert.

But innovation in isolation likely won't be enough: sure it may lead to some harder-to-hack capabilities but these developments need to lead also to the development of revenue-generating services that the telcos can sell to enterprises of all shapes and sizes. It seems to me that, without broad industry collaboration, the security services business opportunity might be handed to the likes of Amazon, Google and Microsoft, which have already bloodied the noses of the telcos in the cloud services market.

Maybe the KPN and BT talks will be the start of something bigger…

— Ray Le Maistre, Circle me on Google+ Follow me on TwitterVisit my LinkedIn profile, Editor-in-Chief, Light Reading

brooks7 6/10/2016 | 2:57:15 PM
Re: Totally agree with you  

Actually, I would argue that the CSPs are not in a better position.

Imagine a company with sites in 3 different countries with separate wireless and wireline carriers.  On top of that they have sites in data centers and on Amazon.

The number of carriers that are involved is essentailly off the charts and thus it is easier to provide the barriers at the edge of the enterprise.  That way there can be a uniformity of barrier independent of the carriers involved and their capability.


pdonegan67 6/9/2016 | 6:21:37 AM
Totally agree with you Totally agree with you, Ray. 

The Internet companies are highly, highly, motviated to drive further into the security services space since security is still the #1 barrier to adoption of cloud services.

CSPs can think they have a key advantage as Managed Security Services Providers (MSSPs) in terms of their unique touch points in the WAN and at the enterprise customer premises.

And let's be clear - they do.

But all it takes is for one or two CSPs to break ranks and bring those WAN and enterprise touch points to the table in a partnership with an Amazon, a Google or a Rackspace and that combination potentially trumps the pure CSP play.

There are certainly regulatory hurdles in the way of those partnership scenarios but be in no doubt they are under consideration.

Great article.

jayakd0 6/8/2016 | 10:03:37 PM
why always a follower? Looking at these trends, wish CSPs start looking at where they can be leaders than followers of web scale players! Collaboration will be a key challenge looking at their spread, culture and regulatory environment!  way to go :)
Sign In