Defence against telco cyber threats? Security automation is an operational and compliance imperative for CSPs


CSPs are on a digital transformation journey. It’s a strategic imperative – to boost efficiency and reduce costs as a business, for compliance, and to enhance security. Automation of security processes can not only boost brand reputation, but also ensure compliance with increasingly stringent regulatory obligations that require new measures to protect against cyber threats. In a new paper, We Are CORTEX explores the operational, security, and compliance benefits of automation.

CSPs are undergoing significant digital transformation to ensure operational efficiency and the delivery of dynamic, differentiated services with optimum QoE while remaining flexible and agile. To remain competitive requires them to transform mission-critical operational processes and architectures – and automation is at the heart of this transformation.

According to Mordor Intelligence, for example, the network automation market will drive CSP spending on software and managed services from $21.1 billion in 2023 to $50.82 billion by 2028, a CAGR of just over 19%. With the increased complexity brought by cloud-native networks, CSPs understand that automation is the only way forward.

Cyber Security as a compliance requirement

At the same time, security must be built into the fabric of this digital transformation, from both an operational and business perspective, and to ensure compliance with increasing levels of regulation, such as the UK’s Telecommunications (Security) Act 2021 (TSA) and the European Union’s Network and Information Systems Directive (NIS2 Directive).

As the number and complexity of cyberattacks and threats grow, security automation is becoming a prerequisite for CSPs, enabling them to monitor, identify, analyse, and respond to current and future security threats before they impact the end customer. As a result, the security automation market is predicted to grow at a CAGR of 15.7% from $1.2 billion in 2022 to reach $5.1 billion by 2032.

According to Cisco, 95% of network changes are still performed manually today – this can lead to configuration errors and inconsistencies in the network and, in turn, downtime. Automation eliminates human error and minimises potential malicious human intervention.

According to a study by Analysys Mason, process automation reduces labour time for manual processes by up to 68%, which in turn reduces time-to-market for new services by up to 88%. Time spent processing errors manually is cut by up to 85% and mean time to repair is reduced by up to 71%.

Continual risk mitigation is embedded into the Telecoms (Security) Act 2021

However, it is the sophistication of cyberattacks that is the main concern for CSPs – a manual approach is simply not possible. With threats increasing, there’s no room for error – and removing humans from the loop is a key tactic to ensure protection against cyber threats.

Security is an ongoing process that needs to be monitored continually, and that responsibility is now set out in legislation. For example, one of the responsibilities placed on CSPs by the TSA is continuous evaluation, forcing CSPs to review their security processes and architecture on an ongoing basis, and to proactively search for, and mitigate against, potential future security breaches.

Increasingly, AI is also being embedded into automation and security processes and infrastructure, which brings bottom line benefits (while ensuring compliance). For example, according to IBM, organisations with the most mature security AI and automation capabilities see up to a 40% higher return on security investment and an average reduction in data breach costs of $3.05 million. Importantly, 81% of executives surveyed by IBM view security, assurance, and trust as brand attributes that differentiate their organisations.

The benefits of security automation for CSPs are clear:

  • Reduced attack surface – automation reduces the attack vectors that people might use.
  • Faster threat detection – automated alerts help to identify real security threats faster.
  • Quicker time to resolution – automated tools can execute defined remedies on finding a threat, which can eliminate the need for human intervention completely.
  • Improved productivity – eliminates time spent on arduous manual processes.
  • Standardisation of security processes and responses – ensures security standards and policies are applied consistently throughout the organisation.

There are several layers of security automation. For example, low-level process automation can scan continuously for security vulnerabilities, run monitoring tools, record data, and perform basic threat mitigation (such as blocking malicious IP addresses at the firewall).

Security Orchestration, Automation and Response (SOAR) platforms (as named by Gartner), meanwhile, provide a stack of solutions that can monitor security threats and respond to incidents without human intervention.

At the most complex level, AI automation (sometimes referred to as eXtended Detection and Response systems) uses machine learning (ML) to identify threats based on previous patterns and orchestrate responses through multiple third-party security tools using rich APIs. Of course, AI algorithms can also improve detection efficiency over time.

How We Are CORTEX can help

At We Are CORTEX, we have spent 20 years developing and honing our class-leading automation platform, which has been specifically designed to help CSPs automate and orchestrate complex security and operational processes. As a seal of approval, our first-ever customer is still using We Are CORTEX, having travelled alongside us through our automation journey and evolution. Today, CORTEX performs millions of automations every day – helping CSPs to defend against cyber threats.

Our platform offers hierarchical exception handling, which allows automation developers to define CORTEX’s response to both known and unknown errors and threats. Multiple exception handlers can be chained together, each triggering a response to a specific exception scenario, ensuring broad coverage of multiple threat scenarios. Our platform also provides role-based access to enforce internal security, which removes the risk of accidental, malicious, or unapproved changes being made – and supports efforts to ensure compliance with emerging legislation.

To find out more about developing a security-first mindset, download our whitepaper below.

 
