Making security pay: savings generated by improved efficiency should not be offset by security losses - Network Management

Telecom did not need to wake up to security following tragic events last September. Security was a high priority before September 11 and remains so today, yet providers need a comprehensive strategy for proactive network element security. Increased deployment of TCP/IP has created new challenges. Some elements are now more vulnerable to intrusion, resulting in lost revenue, increased maintenance costs and reduced QoS.

The extent of security breaches and the associated costs are difficult to measure. Service providers are reluctant to disclose information about vulnerabilities for fear of encouraging more attacks. In addition, some security costs are not even being captured. Service disruptions or element malfunctions resulting from intrusions may be corrected without ever recognizing the intrusion, while theft of service can go undetected for years. Nevertheless, few knowledgeable professionals would deny that security is costing the industry millions of dollars each year.

Threats to TCP/IP-enabled network elements arise from both inside and outside the service provider organization, Certainly, outside attacks pose a real threat as hackers need only Internet access and an IP address to access unprotected network elements. Whether simply mischievous or truly malicious, hackers can steal or disrupt service and cause serious equipment malfunction.