The Security Detail Download: Cyber Threats to the Telecommunications Sector

The Security Detail is a podcast series facilitated and hosted by SURGe, Splunk’s strategic security research team.

Every other week, co-hosts Audra Streetman and Kirsty Paine interview security experts about the cyber threat landscape across various industries.

Episode two features an interview with Ian Keller, a former CISO at financial services firms SBV South Africa and Discovery Limited, with more than 20 years of experience in the field, including expertise in telecommunications across Africa and the Middle East. Keller currently advises enterprise boards and CISOs on their security posture, and is the creator of the blog The Troublemaker CISO.

Read more for a few key takeaways from the interview, or download the full episode.

1. Organizations need to improve their approach to security hygiene

Keller maintains that expanding visibility into the telco network and addressing security hygiene are critical in identifying vulnerabilities, mitigating or preventing breaches and improving overall security posture.

“Obviously, sensationalism sells and it creates this massive storm in the teacup,” Keller acknowledged. “But when you start looking at the reality of things, you'll find that most of the time it is bad security hygiene that has led to something [bad] happening or a business putting pressure on the IT department to put something into market that they are not ready to put into market.”

In his interview, Keller discusses the security challenges in the telecommunications (telco) industry, emphasizing the importance of defending network infrastructure, effectively navigating regulatory constraints and managing media sensationalism.

2. Telco expansion will increase attack surface

Keller also highlights that the telco industry’s significant growth, with billions of nodes and constant technological advancements, has also created an expanded attack surface that gives bad actors new ways to exploit vulnerabilities. Keller identifies the lack of visibility into telco nodes as a top risk and emphasizes the importance of addressing regulations that may hinder security efforts, while also extolling the numerous benefits of an expanded 6G network.

“We're going to have an increased attack surface no matter what we do,” Keller said. What 6G is going to bring us is a lot more low latency networks. It's going to enable a hell of a lot of things that I think are going to be fantastic.”

3. Telcos are alluring targets for advanced persistent threats (APTs)

During his interview, Keller explains that telcos are attractive targets for advanced persistent threats due to the wealth of information they possess. APTs operate covertly, continually probing for weaknesses and avoiding detection. Keller notes APTs’ advanced capabilities and extensive networks make it challenging to apprehend them. He predicts that cybercriminals may increasingly adopt APT tactics as the threat becomes more common, driving the need for telcos to implement more robust security measures.

“I think a lot of organizations have got an advanced persistent threat inside the organization,” Keller said. “They just don't know it.”

Listen to the full interview to hear Keller’s thoughts on collaboration between telco leaders and their CISOs to ensure effective security strategies and decision-making. To learn more about The Security Detail podcast, visit thesecuritydetail.podbean.com.