• DT Chief Security Officer Thomas Tschersich: video conferencing here to stay, but widespread remote working will only work if there is increased trust between enterprise and cloud partners.

DT CSO Tschersich on security in an emergency

DT CSO Tschersich on security in an emergency

Source: Deutsche Telekom

Thomas Tschersich, Chief Security Officer (CSO) at Deutsche Telekom (DT), shared some insight into the challenges and opportunities faced during the coronavirus outbreak at the telco. He joined German TV presenter Jan Köppen as a guest on T-Systems’ inaugural podcast episode: “Security in an emergency”.

T-Systems joins a raft of tech and telco players to target the growing podcast listener base. Google Cloud and Amazon Web Services each have podcasts with over 200 episodes.

A new normal?

In the half-hour episode, Tschersich spoke at length about the challenges faced by DT in transitioning to work-from-home mode. When compared with Chief Executive Timotheus Höttges’ wide-armed embrace of video conferencing and, albeit to a lesser extent, a work-from-home culture, Tschersich appeared less than enthused. “This is an abnormal situation, and I hope we get rid of it as soon as possible”, he said. He returned to the office as soon as it was safe to do so in early-May 2020, but admitted he was tired of spending most days sitting on video calls with colleagues.

Tschersich noted that many people in DT service centres ordinarily work at shared spaces with desktop PCs, making social distancing nearly impossible. The initial challenge, he said, was to enable 16,000 service centre employees to work from home in as short a time as possible. This was one of many things he initially thought would be impossible, but DT managed to execute quickly. “We were able to equip 16,000 employees with desktop PCs within one and a half weeks, to enable them to work from home”, said Tschersich.

Though hardware could be distributed with relative ease, Tschersich conceded that enabling a massive increase in bandwidth was a greater challenge, as demand for corporate network access from “roughly 80,000 people” soared. This is being seen as an efficiency and flexibility opportunity in some parts of DT, as the security chief described it as the “biggest digitalisation process in the history of mankind”. He said some departments had already been considering a trial-run of remote-working in 2020, pre-COVID-19 — and the virus has added extra impetus to those plans.

Tschersich’s biggest gripe with remote working was what he perceived as a lack of solutions that enable true collaborative, creative work within teams. “You need to feel the emotion in the room”, he said. Though he conceded video conferencing “will stay, for sure”, there seems an industry-wide understanding that certain meetings must be held in-person.

During DT’s latest results presentation, Höttges joined other business leaders in floating the idea of a “hybrid office”, with more employees working from home. He also hinted that long-term impacts of COVID-19 will include reductions in travel and a rollback of physical office and retail space.

Cloud provider trust test

When asked about things that DT had learned while handling the ongoing crisis, Tschersich pointed to the importance of securing the mass of data now being handled off-site and outside of what he described as DT’s “security fence”. In turn, he said, this will lead to passing of more control to cloud service providers where necessary.

“ This will result in different… security concepts for the future, and maybe also end up in giving up a little control. You will need to trust that cloud service providers are taking care of the data. ”

— Tschersich.

As part of his predicted “new security concepts for the future”, Tschersich described:

  • A need for CSOs to trust that employees follow security best practices, while working from home. This will require an education effort to ensure that all parties understand their responsibilities when off-site.
  • Handing over certain data security responsibilities to cloud service partners, including authentication and encryption, as data flows from central corporate networks to thousands of home offices.
  • An understanding that entry-points will move, with cyber criminals undoubtedly looking to take advantage of weak points in network security. “Criminals are already adapting their models to the current situation”, he warned.
  • An increase in cyber security investment for businesses of all sizes. Tschersich referenced talk of the coronavirus pandemic being a driver for digitalisation, but added the caveat that “you need to invest money into it. There is no free lunch, nowhere. And that is the same with cyber security”. Claiming that currently a standard model is to spend 3%–5% of IT budget on security measures, he noted this could grow if more businesses choose to maintain remote-working.