Telecommunication mast TV antennas with blue sky in the morning

Looking into black boxes: Visibility for modern telcos

Estimated reading time: 4 minutes

Positive Technologies’ CTO, Dmitry Kurbatov, shares with EITN about problems in the telco (or mobile network operator, MNO) industry that he is trying to solve with his organisation.

“We are a high-tech company and MNO’s trusted cybersecurity advisor because of the challenges that we help our customers to solve.”

Security gaps

Especially now, because of continuing convergence between legacy telecom technologies and new technologies, Dmitry observed weaknesses and security deficiencies beginning to emerge.

He also wanted to point out the increasing compliance burden that 5G implementation poses.

“It is a really anticipated technology that is developed and widely adopted in multiple countries already.”

He opined that it is also time for regulators to understand the criticality of these technologies and the criticality of infrastructures created to support it. One cannot deny that communications infrastructures are critical national infrastructures that need to be protected to ensure availability and integrity at all times.

“This is why we see the increased compliance burden – from the national, sectoral and industrial perspectives,” Dmitry explained, adding that now are challenging times for a telco to navigate, to ensure they do not unwittingly fail a compliance checklist and have to pay fines.

Yet another challenge is one that reverberates for the whole cybersecurity industry as well – the shortage of skills. For the telecommunications industry, the shortage is especially acute because the talent has to be cybersecurity experts and be well-versed with modern telecommunication systems as well.

“So, these are the main challenges and we help our customers address these in order to be protected right now, in order to be protected from hacker attacks in the future, and in order to be competitive in this environment. Also to build a future-proof, cybersecurity-proof, and resilient 5G infrastructure,” Dmitry summarised.

Insecure networks

The CTO shared about a long-term industry tradition of proprietary solutions, hardware and software. This walled garden ecosystem, was pretty much the state of the industry for a couple of decades from the first generation era in the nineties, according to Dmitry.

Right now, 5G is here, 6G is coming and the CTO foresees that with wider adoption we’ll see the wider adoption of Information technologies like virtualisation, starting with late phase of LTE evolution.

Virtualisation enables this openness because it disaggregates hardware and software, enabling them to work independently of each other.

“Because trust me, nobody would like to be in a trap from a single vendor, where you have this specific hardware, and this specific software, and you can go nowhere but to buy this specific solution, this specific box,” Dmitry said.

The idea is that openness breeds more visibility because experts would be able to find flaws or security deficiencies more easily, and find different ways to address it, and solve it. Virtualisation enables this openness because it disaggregates hardware and software, enabling them to work independently of each other.

“And this makes technology only stronger, more developed, and more trusted,” Dmitry said.

The open ecosystem

The idea of virtualisation technologies like software-defined networking (SDN) and network function virtualisation (NFV) is to make the entire approach of building, operating, maintaining, upgrading the network, more flexible and more agile.

Openness also breeds innovation, and a lower threshold for new companies to enter the market and propose new services for mobile network operators.

“It’s actually much more convenient, flexible and agile because they can actually create their own R&D centres and contribute and participate in development of their own services instead of wait for a system integrator (SI) or vendor to develop a new feature in some specific network equipment.”

Openness also breeds innovation, and a lower threshold for new companies to enter the market and propose new services for mobile network operators.

This is also especially good from the cost perspective because there would not need to be specific proprietary hardware, and a standard server can be used instead.

The CTO added, “And this (server provided) the computing power used to run almost any application or network function or service in the network, and these are easily adopted, easily changed, easily swapped according to the current business needs or current proposition you are about to provide to your customers.”

Current lack of interoperability and transparency: the black box

To add more challenge to the story, Dmitry shared that NFV/SDN systems from major vendors still operate like a black box. He shared that this is no good because virtualisation is supposed to introduce transparency and visibility.

“But at same time, the security guys need to understand this challenge and they try to introduce visibility into this amount of assets, and some of them are quite successful.

“At this point in time, we are just starting this journey, but the direction is absolutely right,” Dmitry concluded.