Skip to main content
false
shared header v2
Lucid Search Bar Implementation
Push Down Banner V1 Analytics Patch, remove after implementing V2 (S9 or S10)
Global nav V2 patch, remove after adding the mobile languages fix in the codebase (S7 or S8)

Perspectives Home / Security

The Security Detail Download: Cyber Threats to the Telecommunications Sector

Read the top takeaways or listen to the second episode of a new podcast series by SURGe, Splunk’s strategic security research team. Former CISO of financial services firms SBV South Africa and Discovery Limited Ian Keller talks top threats to the telecommunications sector.

cybersecurity expert headshot

The Security Detail is a podcast series facilitated and hosted by SURGe, Splunk’s strategic security research team.

Every other week, co-hosts Audra Streetman and Kirsty Paine interview security experts about the cyber threat landscape across various industries.

Episode two features an interview with Ian Keller, a former CISO at financial services firms SBV South Africa and Discovery Limited, with more than 20 years of experience in the field, including expertise in telecommunications across Africa and the Middle East. Keller currently advises enterprise boards and CISOs on their security posture, and is the creator of the blog The Troublemaker CISO.

Read more for a few key takeaways from the interview, or download the full episode.

1. Organizations need to improve their approach to security hygiene

Keller maintains that expanding visibility into the telco network and addressing security hygiene are critical in identifying vulnerabilities, mitigating or preventing breaches and improving overall security posture.

“Obviously, sensationalism sells and it creates this massive storm in the teacup,” Keller acknowledged. “But when you start looking at the reality of things, you'll find that most of the time it is bad security hygiene that has led to something [bad] happening or a business putting pressure on the IT department to put something into market that they are not ready to put into market.”

In his interview, Keller discusses the security challenges in the telecommunications (telco) industry, emphasizing the importance of defending network infrastructure, effectively navigating regulatory constraints and managing media sensationalism.

2. Telco expansion will increase attack surface

Keller also highlights that the telco industry’s significant growth, with billions of nodes and constant technological advancements, has also created an expanded attack surface that gives bad actors new ways to exploit vulnerabilities. Keller identifies the lack of visibility into telco nodes as a top risk and emphasizes the importance of addressing regulations that may hinder security efforts, while also extolling the numerous benefits of an expanded 6G network.

“We're going to have an increased attack surface no matter what we do,” Keller said. What 6G is going to bring us is a lot more low latency networks. It's going to enable a hell of a lot of things that I think are going to be fantastic.”

3. Telcos are alluring targets for advanced persistent threats (APTs)

During his interview, Keller explains that telcos are attractive targets for advanced persistent threats due to the wealth of information they possess. APTs operate covertly, continually probing for weaknesses and avoiding detection. Keller notes APTs’ advanced capabilities and extensive networks make it challenging to apprehend them. He predicts that cybercriminals may increasingly adopt APT tactics as the threat becomes more common, driving the need for telcos to implement more robust security measures.

“I think a lot of organizations have got an advanced persistent threat inside the organization,” Keller said. “They just don't know it.”

Listen to the full interview to hear Keller’s thoughts on collaboration between telco leaders and their CISOs to ensure effective security strategies and decision-making. To learn more about The Security Detail podcast, visit thesecuritydetail.podbean.com.

Read more Perspectives by Splunk

July 11, 2023  •  7 Minute Read

The Executive Imperative to Innovate With Resilience

IT and security leaders have a perilous balancing act to manage. Mandates from the top say everything must be cutting edge, but secure. If apps don’t have AI in them, you’re fired — but also, please don’t let AI undermine our business. What’s a CxO to do?

July 11, 2023  •  3 Minute Read

The Best Pieces We’ve Read (And Watched) This Year — So Far

Splunk’s thought leaders share the most valuable reports, blogs, webcasts and articles they’ve encountered in 2023.

July 11, 2023  •  5 Minute Read

How To Win Security Allies and Influence the Business

Splunk’s CISO shares four lessons he’s learned over 20 years of working in cybersecurity.

Get more perspectives from security, IT and engineering leaders delivered straight to your inbox.