If you are part of a telecommunication company’s cyber security team you will understand how complex, and at the same time critical, your responsibilities are; not just for the protection of your organisation but as part of the country’s critical infrastructure.
Telecommunications legislative obligations
“All carriers, carriage service providers and carriage service intermediaries will be required to do their best to protect networks and facilities from unauthorised access and interference – including a requirement to maintain ‘competent supervision’ and ‘effective control’ over telecommunications networks and facilities owned and operated by them.”
In doing ‘their best’, organisations are required to take all reasonable steps to prevent unauthorised access and interference to protect the confidentiality of information and the availability and integrity of networks.
In maintaining ‘competent supervision’, organisations must maintain technically proficient oversight of their network and facilities.
Australian organisations must also comply with the local Australian Privacy Principles and new mandatory data breach notification laws, which came into effect in February 2018.
Why not download our Personal Data Breach Mitigation 4 Step Best Practice Checklist to discover preventative strategies to minimise the number of data breaches.
NIS Directive (EU) 2016/1148
This Directive places requirements on European providers of essential services in critical infrastructure sectors (including Telecommunications) and aims to enhance the security and resilience of networks and IT systems across the EU.
The 14 high level security principles proposed by the UK government to meet the security requirements of the NIS Directive include an effective security monitoring strategy and proactive security event discovery. Operators of essential services in the UK are currently encouraged to start analysing their systems and existing security measures to identify control gaps and plan any necessary remediation. Find out more here.
Privacy and GDPR
As your organisation holds and manages massive volumes of consumer personally identifiable information (PII), compliance to privacy legislation is of paramount importance.
The EU General Data Protection Regulation (GDPR) is a new regulatory framework for data protection and privacy that came into effect on 25th May 2018. Your organisation is bound by the legislation if any one of the following conditions is true:
- You have offices in the EU;
- You offer goods and/or services in the EU;
- You collect the private information of EU citizens.
There are five individual articles or clauses that have specific cyber security requirements. Visit our GDPR page to find out more.
Diversity of service offerings
Modern business customers need bandwidth and reliability and often rely on their telecommunications supplier for a range of IT related services. Often these services include the hosting or provision of managed services like mobility and remote access, cloud based services and hosting as well as pure network communications.
The delivery of reliable connectivity and IT solutions and the provision of security around hosted customer systems as well as the telecommunications provider’s own IT environment, billing systems and applications is key.
Gaining visibility of issues and threats as they occur and having sufficient information and context to troubleshoot, investigate and resolve them plays a major part in meeting security service management objectives. With massive connectivity and ubiquitous Internet access comes risk, and these risks must be understood and controlled.
How Huntsman Security can support your cyber resilience
Huntsman Security works with major telecommunication providers across the UK, Japan, and Australia. Our technology can support your organisation with many ‘must deliver’ responsibilities:
- Real-time security monitoring across a wide variety of systems types, network components, application platforms and host operating systems
- Instant visibility of cyber posture – status dashboards operations teams and executive stakeholders (against government recommended security controls, national and international compliance standards)
- Rapid threat resolution – automated threat verification enables you to see real threats, supported by case file evidence.
- Improved context – threat intelligence derived from across a network as an input to the security incident detection
- Customer data separation – Multi-tenancy support for either different service domains or to ensure customer data separation in monitoring, hosted services
- Efficiency – A single interface to enable the management of multiple, fully queryable data repositories
Testimonials and Case Studies
Huntsman Security technology supports some of the largest and best-known telecommunication organisations in the global market. Case studies and testimonials are available on request.
Material to help Telecommunications Cyber Security
- Fast Track your GDPR
- Personal Data Breach Mitigation – 4 Step Checklist
- Insider Threats – Why Behaviour is Key to Early Detection
- Analytics & Automation in Cyber Security
Compliance Solutions for Telecommunications