- Customers on digitalised networks expect operators to provide more protection. A simplified, network‑based approach could rapidly transform the security landscape, believes Allot.
- As global security trends change, an opportunity remains for telcos to gain a first‑mover advantage.
- Commercial teams must take ownership of end‑user protection.
- Bundling security with premium next‑generation access could bring quick return on 5G investment.
As the technology driving mobile networks has evolved over the past quarter of a century, the main supporting pillars of a competitive service have also developed and grown, notes Allot President and CEO Erez Antebi.
A 35‑year veteran of the communications sector, Antebi recalls the days of nascent expanding networks, where levels of coverage defined the battlefields for operators’ growing empires. When networks reached virtual ubiquity and data services began to proliferate, connection speeds became the differentiator. Then, as data networks became more sophisticated, reliability became the mark of distinction.
Now, Antebi says, these aspects of service have all reached levels where there is little scope for players in major markets to boast competitive advantage. There is, however, a new pillar that is set to become established not only as a differentiator, but will quickly be recognised as a digital right for service provider customers — access security.
As the global communications market embraces greater societal and industry protections for individuals in a data‑driven environment, Antebi considers that security remains an area where mobile network operators could do more to support their customers. They need to re‑engage with the core purpose of their services — connectivity — and make a commitment to ensuring that security of access is a fundamental aspect.
Just as consumers expect the water from their taps to be clean, and their electricity supply to be safe and protected from dangerous surges, so too will telecoms customers increasingly expect their provider to deliver access that can be trusted. “I don’t want the water company to tell me, ‘buy a purifier, buy a filter, and, after that, you’ll be safe’”, says Antebi, “that’s their job, not mine, and communications should be seen the same way”.
“It’s no longer acceptable just to have a clear pipe to the internet that brings whatever bad stuff the internet brings to the consumer. They need to have the coverage; they need to have the speed; they need to have the reliability — and now they need security as well. ”
Antebi and Allot believe there is pent‑up demand for effective embedded network‑based security for end‑users, and that traditional endpoint solutions are ill-equipped to address this effectively.
This presents a considerable opening for operators ready to act, and not only to claim the access security space for the telco sector, but also stake a leadership claim in competitive markets where winning and keeping valuable customers is an eternal battle.
The value of securing a first-mover reputation
Antebi believes that a considerable first‑mover advantage is there for the taking for operators that adopt an integral secure access approach to commercial offerings, with the alternative being relegation to a market follower status less attuned to customer needs. While taking a fresh approach comes with risks, the vendor is adamant that the market signals show this move to be a safe bet.
Support for the vendor’s focus on cybersecurity is justified by research into telecoms customers’ priorities and concerns. Citing surveys from GSMA Intelligence and PwC, which identify security as one of the three major priorities for both fixed and mobile data customers, Antebi adds that “customer research has shown that people would actually go so far as to switch service provider if the alternative was offering them really reliable security”.
Looking beyond research, the US market is already seeing moves towards putting a commercial focus on end‑user security. Two local Allot clients, DISH Network and Verizon, are pushing ahead in this field, with other key players in the market also expressing interest in rounding out their commercial propositions with a focus on secure access.
Antebi notes that the USA is a particularly concentrated market, structured in such a way that momentum behind a new service can build rapidly, while in Europe the more fragmented nature of competition can result in longer lead times before services become widespread. This does, however, present an opportunity for players to take a lead in the market by acting quickly. “They need to get this message out fast and first” he says, “because, ultimately, everybody’s going to have to send the message”.
“The question is, are you going to lead here and come out and say, ‘OK, in addition to my standard coverage, reliability, and speed, I’m going to protect you’, or are you going to have to play catch‑up after somebody else does that? ”
Customers embrace security when operators make it simple
Despite Allot’s optimistic outlook, there remains a thorny question: if access security is so compelling and important an idea, why has it not become universal before?
For Allot, this disconnect can be at least partially explained by the decoupling of end‑user cybersecurity services and the fundamental requirements for running solutions on mobile networks.
Currently, a 4%–5% uptake rate for bundled cybersecurity services from traditional antivirus service providers might be considered a relative success for operators. Even then, there remain ongoing complications around configuration and updates that undermine the value of the service and act as a drag on experience and uptake.
An embedded network‑based service that does not rely on endpoint installation and continued customer maintenance can take the handbrake off demand. In comparison with other security solutions that require proactive downloading and installation on the consumer’s part (such as endpoint, app-based solutions), a network-based solution for consumers and SMBs enables zero touch onboarding, which increases consumer engagement while remaining device-agnostic.
“When the CSPs adopt network‑based access security and promote it, it’s gobbled up by the end‑users. We’ve seen take-up rates that are 20%, 30%, even 40%. If you compare that to endpoint solutions, it’s a whole different scale of take-up, and it’s because all you have to do is say, ‘yes, I want this service’ and it’s instantly provisioned and it’s zero touch. ”
Network experience enables a simpler customer solution
Allot highlights that it is able to offer network‑based access security both standalone and as a component of its existing services, delivered over networks where the architecture demands are understood, services can scale, and the overall package remains carrier‑grade.
“We’ve had a natural progression from being a deep packet inspection company and have been able to evolve into a cybersecurity provider with tonnes and tonnes of knowledge of the telco world, which makes it possible for us to offer this type of solution. We understand the sales and development cycles, the places you need to touch, and the challenges of implementation for telco‑grade solutions because we’ve been in service provider networks for 20 years. ”
Antebi considers that the implementation of the solutions offered by Allot can be rapidly deployed from a network implementation perspective, while also noting that it is important to ensure that all elements of an operator’s business are aligned and onboard with the introduction of services, and that there is a clear strategic vision.
“There will be work to be done on the network, but there’s not a big technical challenge here. Once an operator decides to do this as a priority, they will need to adapt their branding, their messaging, their billing systems. All of this can be done quickly when it’s a high enough priority. ”
Security must be treated as a key business priority, not just a network one
Deep in telecoms infrastructure, security has always been treated as a main priority, and the existing robustness and resilience of networks should not be downplayed, in Antebi’s view. This has, however, seen security pigeonholed as a matter for IT leadership or network architects.
The Allot CEO considers that delivering security for end‑users should correspondingly be in the hands of customer‑focused executives and merits greater strategic consideration for the executive committee.
A key reason for adopting a bigger picture view on security is because the risk being tackled is subtly different from those conventionally in the CISO’s domain.
“Customers being subject to phishing attempts, or ransomware attacks, or anything like that — that doesn’t affect the network; it’s the individual who suffers. They have lost personal information but it wasn’t stolen from the operator’s database. It was stolen from their phone or computer. That’s a very, very different animal, and that is not typically the responsibility at all of the network or technology people in the operator. ”
The responsibility, he says, should be with the executives mandated with providing value to the customer, and they should be ready to act because offering protection is a clear and compelling way to deliver value. When end‑user security is treated in the same way as delivering coverage, data speeds, and reliability, it becomes a commercial decision that could deliver substantial uplift on market impact.
A quick win for 5G, as part of the cloud network long game
Delivering access security for end‑users can also support development of immediately compelling 5G tariffs and services, believes Antebi.
As the industry continues to seek the most effective use‑cases for the next‑generation network, operators could find a fast and efficient way to encourage consumers to adopt the technology by adding security into a premium 5G product. With potential for delivering tiered levels of security alongside faster connections, migration to the new network could be accelerated even prior to the more transformational elements of 5G technology coming to fruition, and additionally help to speed up the process of clearing older networks.
The virtualised nature of 5G networks almost by definition makes them more susceptible to attacks on both infrastructure and users, notes Antebi, which is driving the need to ensure the technology is secure by design.
“ Most savvy operators understand that a distributed core, with many, many connections into the internet, creates a broader front for attack, and, therefore, not only does the network need to be protected better, individuals need to be protected better. ”
As the 5G portfolio of services expands into areas such as the connected home and the smart SMB, all‑encompassing end‑user security will be another important element of an effective commercial offering. This may also tie more effectively into the core purpose of communications providers in a way that Antebi considers current value‑add efforts do not.
“Offering OTT content services like Netflix or Disney+ as part of a package is understandable, but it’s not really connected to access. What’s the real core of the telco? Access to the internet. Nobody else is doing that. Not Amazon, or Apple, or Google. That is why we’re talking about securing the access. For the telco, this is your value. Secure this.
In stepping up and providing secure internet access for everyone, operators can also grasp a perfect opportunity to add tangible value on top of ubiquitous connectivity. ”