TCS cybersecurity portfolio stresses proactive, not reactive, mitigation
TeleCommunication Systems this week introduced at the CTIA show in New Orleans its Enterprise Security and Protection (ESP) cybersecurity portfolio that places an emphasis on preventing intrusive attacks. The portfolio includes a variety of tools —firewalls, intrusion-detection and prevention systems, malware, adware, and anti-virus software — and guidance from TCS’s team of cybersecurity experts. It can be customized with products provided by third-party vendors.
Cybersecurity breaches can have devastating consequences, according to Drew Morin, TCS chief technical officer, noting that a D.C. law firm had to shut its doors 30 days after hackers pirated client data and posted it to the Internet.
“People typically don’t expect that a cyber attack will cripple them completely or drive them out of business,” Morin said.
The first step toward cybersecurity is to assign the enterprise an ESP Quotient, which quantifies the needs, based on the sensitivity of the organization’s data.
“For instance, Bank of America would have a much higher ESP Quotient than would Sanford and Son,” Morin said.
The next step is to assess the network’s vulnerability and the enterprise’s ability to respond to an attack, which a group of TCS personnel — dubbed the “Red Team” — does through a process that Morin describes as “ethical hacking.”
“What they try to do, without doing any damage, is to see whether they can gain control of that server,” Morin said. “We have created a series of exercises designed to exploit any weaknesses that might exist.”
The attack is done with the client’s permission, but the client has no knowledge of when or how it’s going to happen, in order to prevent any action—inadvertent or otherwise—that might yield a false outcome.
As it assesses, TCS also takes a look at the organization’s public face.
“Sometimes attacks occur simply because the organization has a high profile,” Morin said.
Also, the greater an organization’s presence in the public eye, the more information that’s available that can be used against it.
“There’s a lot of information that’s exploitable, and that creates a vulnerability,” Morin said. “Sooner or later, [hackers] will find the key to get into your network.”
In addition to identifying weaknesses, the mock attack is designed to validate how quickly and effectively the threat was mitigated.
“We try to teach them how to know when they’re under attack and how to stop it,” Morin said.
Once assessment and validation is complete, the enterprise is given a score that corresponds to its ESP Quotient; the degree of discrepancy indicates how much work needs to be done.
As part of its service, TCS also provides training for company executives, to help them better understand cybersecurity threats, why they are so dangerous, and to educate them about the value of strong policies that are enforced. Meanwhile, employees are taught about the risks of opening suspicious e-mails or downloading files that may contain Trojan horses.
Even the organization’s IT personnel receive training to change their mindset to proactive from reactive. The theory is that preventing an attack always is less costly and painful than cleaning up the mess later.
“The best defense is an understanding of the offense,” Morin said. “If you’re going to protect your network, you need to understand how they’re going to attack it.”
One attack that catches many enterprises completely unaware — but is like a ticking time bomb — is an advanced persistent threat, which hides deep within the network and evolves as conditions change.
“It’s constantly there, waiting for you to make a mistake,” Morin said, explaining why ongoing networking monitoring is yet another critical element of any effective cybersecurity effort.
In other news, TCS unveiled this week its VoLTE 911 (voice over LTE) solution, which enables wireless carriers to provide 911 emergency services over their 4G LTE networks.
“As the wireless carriers have been deploying LTE, they haven’t cared all that much about 911, because LTE primarily is a data platform,” said Thomas Ginter, TCS’s vice president of product management. “But as soon as VoLTE handsets hit the market they will care, so we had to beat them to the punch.”
Because some of the carriers are expected to launch VoLTE handsets in the first quarter of 2013, the solution will be available by the end of this year, Ginter said.
The platform combines elements of TCS’s existing wireless and VoIP platforms to create a hybrid solution that will enable carriers to locate VoLTE handsets and route the call to the appropriate public-safety answering point, he added. This will occur even in situations where the 911 call switches from the 4G network to 3G/2G networks.