The Telecom Sector

Guest Blog: “Rising to SASE and Zero Trust Challenges”
A guest blog for MEF, explaining the context behind the organization’s commitment to leading in SASE and Zero Trust standardization. View the blog

Briefing: Of Course Singtel Should Sell Trustwave
Trustwave was a poor fit for Singtel right from the start. The parent company should move forward with a sale View the Briefing

Briefing: Vodafone Business Makes Security Bets
Vodafone Business is finally making a respectable commitment to security services. Trebling security revenues by 2025 looks achievable. View the briefing

Guest Blog: “Complementary Security for Orange’s Data & AI Ethics Council”
A new HardenStance blog on Light Reading proposing an approach to collaborating on AI security standards that can complement Orange’s new Data & AI Ethics Council. View the blog

Guest Blog: “The Four ‘P’s of 5G Network Visibility”
My guest blog for Palo Alto Networks, setting out the “Four ‘P’s of 5G Network Visibility”: visibility into protocols, perimeters, permissions and partners.” View the blog

Briefing: A New Strategy for Telekom Security
Telekom Security is focusing on the Central European markets of Germany, Austria and Switzerland. M&A activity may even prioritize the U.S. before the big European markets like France and the UK.View the Briefing

White Paper: Learnings from Real World Telco Security Incidents
Looking into some recent real world telco security incidents highlights just how unhelpful a myopic focus on APTs, Chinese vendor software and 3GPP features can be to telco security.

Briefing: New Standards for Securing AI
ETSI is doing some excellent work to fill a glaring gap in cyber security standards - how you secure AI algorithms.

White Paper: 5G SA Networks Trigger a New Era in 5G Security
With the launch of the first 5G Stand Alone (5G SA) networks, mobile network security will never be the same again - here's why and what to do about it.

Briefing: An ATT&CK-Like Framework for Telcos
Will operators step up and support two enterprising individuals from Ericsson and Nokia in defining an ATT&CK-like Framework for the telecom sector?

Briefing: Deploying STIR/SHAKEN as a Service
All but the largest telecom operators should be looking at deploying the STIR/SHAKEN standard for blocking unwanted calls as a service, managed by a vendor partner, rather than building out their own infrastructure.

Briefing: Orange Funds New CI/CD Security Tool
Orange Polska has released Mixeway, an open source CI/CD security orchestration tool. It needs a lot more work but the GUI and aspiration to correlate vulnerability testing across security tools make it worth taking a look at.