Hila Meller, VP of Security at BT, on Telco Security
Anna Sliwon-Stewart, research analyst, security and building technologies at Omdia, caught up with Hila Mellar, VP of Security at BT, during Broadband World Forum 2019 to discuss telco security and how conventional security perimeters are fading.
WATCH THE FULL INTERVIEW HERE:
Anna Sliwon-Stewart: Hi there. My name is Anna Sliwon-Stewart, and I’m a research analyst with the Security and Building Technologies Team at Omdia. I’m here with Hila Meller, the Vice President of Security, Europe, for BT. Hello.
Hila Meller: Hi. Thank you for having me here today.
Anna Sliwon-Stewart: Thank you so much for being here with us. It’s a lovely event, and we’re really glad to have experts like you with us, and I wanted to talk to you today about some of the changes that you have seen in the industry. Cloudification, virtualisation of the telecommunications industry, age processing, and 5G now. What security challenges do you see coming from the next two years?
Hila Meller: It’s a great question, and it’s the questions that really keep us busy a lot at BT. Being a global organisation active in 180 countries around the world, working with the biggest, most global multinationals that are out there, we’re really in the core, in the centre of everything that is happening. And we see a lot of challenges around, for example, the changes in perimeters. All perimeters are fading, they are becoming more blurred, and that requires for new controls to be embedded. Not necessarily just perimeter controls, but additional security controls.
We also see an increase in more sophisticated threats. Another interesting challenge we see that organisations are facing is still a traditional challenge that we’ve seen in the past, and it’s around getting the basics right, having just basic hygiene around the network and assets, getting things patched, for example. Still pretty much a challenge, believe it or not.
And, the last one, with everything that is happening around, is a global shortage of skills that keep us ourselves concerned, but also our customers. Researchers show that around one million people are missing from the workforce with cybersecurity skills, and that means that there is a lot to be done, but not enough people to deliver that.
Anna Sliwon-Stewart: I see. That sounds like a lot of challenges, and a lot of ground has been covered. But still, as you say, steps to make.
Hila Meller: So, for quite some time, telcos have been doing much more than just being telcos, and for different reasons started delivering additional services to the market, among them security.
And security becomes really important today. First of all, customers expect telcos to provide them with secure networks, clearly. But, in addition to that, customers expect telcos, given their presence in the network space, to give them added value in the form of security services.
And a good example that I can give you from BT is to our network around the 180 countries, we are able to capture a lot of events and actionable intelligence, and really advance threat analytics that we’ve been able to develop, based on that network presence that we have around the world. This added value in security that customers expect to have from companies like us.
Anna Sliwon-Stewart: I see. Now that all security challenges are getting more complex and more complex, the challenge standing in front of providers like yourselves is that much bigger. I guess you’re trying to address that.
Hila Meller: Exactly. We do see a lot of challenges in the market. And I have to say that also the way that BT address that, and the way that we build our own security organisation is pretty much unique in the market. What we basically decided to do in order to advance all those challenges is to unify our security unit.
So, the same group at BT that protects our internal assets - that’s the same group that then, later on, will provide security to our customers. That provides really good synergy and knowledge, so everything that we experience internally by working in a very large global telco organisation, we then take it to market and use this experience to provide top services to our customers, addressing their very advanced threats.
Hila Meller on the Security Landscape
"All perimeters are fading, they are becoming more blurred, and that requires for new controls to be embedded. Not necessarily just perimeter controls, but additional security controls. We also see an increase of more sophisticated threats. Another interesting challenge we see that organisations are facing is still a traditional challenge that we’ve seen in the past, and it’s around getting the basics right, having just basic hygiene around the network and assets, getting things patched, for example. Still pretty much a challenge, believe it or not."
Anna Sliwon-Stewart: So, in light of all the great work that you’re doing at BT, what advice would you give to other telcos to help them secure their organisations better and serve their customers better?
Hila Meller: I guess I would probably have two advisers, and they relate to two sides of the spectrum in a way. Let me explain. One part would be much more operational, and another part will be much more strategic. So, from an operational point of view about security, it’s really about getting the basics right, the basic hygiene, getting a good visibility of the network, of the different assets, understanding the inventory, making sure there’s a good policy of patching in place, privileged access management. Really getting all the basics right.
It’s still very important, it’s still very relevant, and should be addressed. The second advice that I have for telcos is around the more strategic aspect, and it’s about being able to develop a risk-based approach to the board, being able to have discussions with the board of directors of the company around cyber risks and potential investments in cyber.
In order to do that, you should be able to understand your risk appetite. You should be able to quantify the different risks. If you manage to do that, then conversations with the board become much easier. The support that is then being provided is much better. And that also is being realised with different budgets, to become much more available for investments in cybersecurity.
Anna Sliwon-Stewart: That sounds like great advice. If I was in a place of another telco, another organisation, I would definitely want to take pointers from you. If you were to call the industry to do something, change something, or maybe address some of the challenges that have not been addressed so far, what would you suggest doing?
Hila Meller: I can tell you what is really important at the moment. At the moment, unfortunately, being a cybercriminal, it’s a good profession. It’s profitable, and unfortunately, it’s still pretty much a safe job, because it’s still complicated to pursue cybercriminals. So, my ask from the industry is to really join forces, share information, share intelligence, work with law enforcement organisations, so we can really go after those criminals and pursue them, and make sure that their crimes are being addressed, so that will no longer be such an attractive job description.
Anna Sliwon-Stewart: We’re now in the second day of the Broadband World Forum, and from what you have seen so far, how would you describe the event, and what did you enjoy most about it?
Hila Meller: Look, definitely it’s a very impressive event. There’s so much happening in parallel. So, the agenda is so busy, that it’s really difficult to select the different tracks that one wants to participate. But, overall, very professional, good tracks and content, excellent speakers, very good event from my side.
Anna Sliwon-Stewart: Can you tell me, what have you seen are some of the key examples of really great technological innovation?
Hila Meller: Technology innovation, I think it becomes really exciting when it helps us shape a better world. And you see a lot of good innovation around IoT. For example, in the transportation area, helping develop more ecological transportation ways. But what really gets me excited and what I really value is all those advantages that were made recently in the healthcare space. For example, very sophisticated diagnostics and services around healthcare that are purely digital and very innovative. At the same time, it’s all about saving lives. But at the same time, with those connected appliances and connected services, there is also a cyber-risk that should be taken into account.
Anna Sliwon-Stewart: Awesome. Thank you so much. That’s really interesting. I really enjoyed talking to you.
Hila Meller: Same here.
Anna Sliwon-Stewart: Thank you very much. This is Hila Meller, from BT, Vice President of Security, Europe, at Broadband World Forum.