CenturyLink: Changing the Security Mindset

  /     /     /  
Publicated : 22/11/2024   Category : security


CenturyLink: Changing the Security Mindset


Businesses need to think of cyber security as more than an occasional investment.



Businesses need to stop thinking of cybersecurity as an IT function and think of it as an ongoing activity such as accounting, the head of CenturyLinks security services says.
In an interview with Light Reading the day after hed hosted a CenturyLink Inc. (NYSE: CTL) Cybersecurity Summit in Monroe, La., Bill Bradley, the SVP of cyber engineering and technology services, admits he and others in the field are frustrated by the continuing need to get businesses to update their security efforts and take them more seriously. Given the way data breaches dominate the headlines, its hard to fathom why businesses of any size that are networked dont realize security is a priority. And what business isnt networked these days?
But as Bradley himself recently experienced, many business folks arent doing things as simple as changing passwords regularly or updating their systems from the default settings. At a recent speaking appearance, he asked the audience how many people had passwords that were at least two years old.
At least 40% of the audience raised their hands, and they were the honest ones, he says. When Bradley pushed the same question to five years, a substantial number of people still raised their hands.
He believes this is driven by the false sense of security company executives get when they invest in security infrastructure.
They are thinking about it like you once thought about your IT budget, Bradley says. Youd make an investment and then you would expect that to have a life of a certain number of years before you would need to refresh. But that refresh cycle -- people got very comfortable with. I dont think that is the right model for security.
Instead, the security model should be much more in line with how businesses view accounting -- as an ongoing effort.
In an accounting-type model, you have an ongoing effort if you are a business, he says. You have to get accounting reports out every month, every quarter, every year. But it doesnt just end there, you have to have an external audit and you have to do that every year, and its something people take very seriously.
Dont get left in the dark by a DDoS attack -- learn best practices to strengthen the security of your network. Join us in Austin at the fourth-annual
Big Communications Event
. BCE brings you face-to-face with hundreds of speakers and thousands of industry thought leaders. Theres still time to register and communications service providers get in free.
If that same level of attention was paid to security, Bradley notes, then many common breaches would be prevented, because much of todays activity depends on accessing networks through unprotected devices such as sensors or home automation gear, or easily prevented things such as email phishing.
Like most other telecom network operators, CenturyLink has made managed security services a major focus in recent years, including acquiring netAura last year and using that technology and talent to develop its own portal as well as add significant consulting expertise. The portal, which CenturyLink was showing off earlier this year to folks at the RSA conference, enables a more intelligent and proactive response to security threats, Bradley says. (See
Unknown Document 733065
.)
Its a proprietary portal that sits on top of those [network] systems, aggregates that data and allows customers to run sophisticated reports that allows them to make more informed decisions, he says. That gives you real transparency into what is going on in your network.
CenturyLink will also provide the expertise to businesses, particularly midsized and smaller, that dont have the people and processes to make the technology work, Bradley says. But in providing a full service security system, the company doesn’t encourage business customers to just sit back and enjoy the ride.
We dont recommend they take that 100% [of responsibility for security] from anyone, he says. They have to be actively engaged in defending their own systems and company themselves. But we can provide a significant part of that service to them.
And like every other person in the managed security services arena that I know, Bradley says much still must be done to educate businesses and make them smarter about security, in no small part because those who are waging cyber warfare are incredibly smart, and as the recent Wikileaks efforts have shown, more than willing to share what they find with each other to get smarter.


Last News

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
CenturyLink: Changing the Security Mindset