Kenya Cyber Security Report 2015
Cyber Security Perspective from the
Telecommunications Sector
Joseph Mathenge | Chief Information Security Officer, Airtel Africa
Bake in and not sprinkle on security
H
istorically, telecommunications
of challenges of an IP connected world?
configured or unpatched system.
have traversed voice services over
As we reinvent the telecommunication
Ponemon Institute conducted a survey
a switched-circuit-style network.
industry and weave technology deeper
on Data Security Breaches that revealed
In the recent years however, the growth
into our lives how much are we exposing
the number one leading cause of data
of IP packet based network, also known
our inherent vulnerabilities?
security breaches resulted from non-
as Next Generation Network, has seen
the use of multiple broadband transport
technologies and has fueled growth
of mobile data services through smart
phones.
As Africa closes in on 1 billion mobile
subscriptions, a recent report by global
technology consulting firm, International
Data Corporation (IDC), predicts
As security practitioners our goal is
defined; protect the information asset
while in use, transit or at rest. We must
deploy the same fundamentals with the
understanding and pragmatic view of this
environment so as to effectively protect it.
I want to highlight 3 key principals
that can be used.
malicious employee error (39%). These
breaches were typically the consequence
of complacency or negligence from lax or
insufficient access controls to sensitive or
confidential data. This is perhaps the most
difficult activity and one that too many
organisations in all industries do poorly.
3. Detect quickly and respond
effectively to systems security
smartphone shipments will top 155
1. Know your assets – You simply cannot
event. It’s been said that the only safe
million units by the end of 2015 in the
protect what you don’t know about. In a
communication device is one that you
Middle East and Africa having increased by
Telco environment,where there are nodes
buy and bury. If you think about it, that
66% during the first quarter of 2015.
of both IP and non-IP based network
beats the purpose in that, we buy these
this can be a daunting task. More so
as tools to facilitate communication and
the environment gets extended when
commerce. Keeping that in mind, it simply
the infrastructure provides connectivity
means that sooner or later, even the
to critical services providers such as
most securely maintained environment
healthcare, financial or lately energy
would be victim of a cyber security event.
distributors.
Accordingly, we must prepare by putting in
While the migration to this new platform
allows consumers greater value in voice
and data communications, it brings with it
a whole host of security challenges. Issues
that have bereft IP based network, ranging
from unauthorized network intrusion,
spread of malware to the destructive effect
2. Configure and maintain them
of Denial of Services (DOS) attacks.
securely. One of the most common
So have we learned from the experiences
causes of systems intrusion is poorly
place ability to monitor all activity, detect
anomalies, define if these are malicious
and respond quickly and effectively to
minimize the effect.
In conclusion, we must design and implement systems that cater for
our need to effectively communicate while accounting for known and
unknown security threats to our information assets.
19