Help protect the operations and reputation of a large telecommunications company from cyber-attack.
One such customer is a large telecommunications provider that contacted the IT security provider to help resolve a cybersecurity problem. The company’s complex IT environment and multiple levels of bureaucracy were causing headaches for IT employees trying to monitor the company’s environment for threats.
To detect security breaches or suspicious behavior, the telco needed to monitor data logs from thousands of devices and applications. This included applications created by the company’s in-house developers, as well as many types of telecommunications equipment. “We’re talking about a very large number of systems,” says a manager at the IT security provider
Interpreting the deluge of data logs generated by these devices and applications was difficult. The number of applications and devices was also rapidly increasing.
Even if employees did collect, ingest, and analyze the log data, they couldn’t do it quickly enough to respond to breaches. “It was taking too much time. If there was an attack, it would have been finished before they could act to prevent or stop it,” says the manager. As a result, the company did not comprehensively monitor its systems for security threats.
There was also a risk that any of the company’s many employees would inadvertently cause a security breach. They had minimal understanding of cybersecurity, and might be lured by attackers to click on links to malware or phishing schemes. Without a way to quickly monitor network activity, the company didn’t know if users were adhering to security rules. “Their security department created security policies, but if users didn’t abide by them there was no way to catch them,” the manager says.
The telco was therefore highly vulnerable to data breaches. The company had also failed an audit, designed to check that systems followed the Payment Card Industry Data Security Standard (PCI DSS). If the company didn’t resolve this problem, there would be potential financial sanctions.