Securing the future of telecom: Insights from RSA Conference 2024
The RSA Conference of 2024, just like every other year, was an illuminating experience. With bustling expo floors and over 400 sessions led by 650 speakers, it was a gathering of minds from diverse cybersecurity sectors. This year's theme, "The Art of Possible," emphasized collaborative efforts to enhance cybersecurity effectiveness.
In our increasingly digital world, security is paramount, and RSA provided a platform to delve into proactive strategies and emerging threats. It wasn't just about sharing knowledge; it was about harnessing the power of the community to tackle cybersecurity challenges head-on.
Key discussions at RSA 2024 revolved around pressing topics such as cryptography, zero trust architecture, and defending against evolving cyber threats with the help of artificial intelligence (AI) and machine learning (ML).
Throughout the past year, we at Nokia have been dedicated to improving our range of products and partnerships, with the goal of aiding our customers in safeguarding their network infrastructure and data. At RSA, we showcased our product portfolio encompassing telecommunications-specialized cybersecurity software solutions and consulting services.
Continue embracing the power of AI
Generative AI was the most prominent topic, just like at last year’s conference. Keynote speakers highlighted the importance of security automation and orchestration, leveraging AI and ML to automate security tasks, enhance threat detection, and expedite incident response. One of our tier 1 Latin-American customers said that generative AI has immense potential for their business too. By analyzing vast datasets in real-time and identifying anomalies and potential threats, it can facilitate proactive responses crucial in preventing data breaches and minimizing cyberattack impacts.
AI-powered cybersecurity solutions offer a significant advantage by automating routine security tasks, reducing the burden on cybersecurity teams and mitigating the risk of human error. Moreover, their scalability and adaptability are crucial attributes in combating ever-evolving cyber threats, handling increasing data volumes, and adapting to new threat patterns to ensure continuous improvement in safeguarding digital environments.
During our conversations at RSA, visitors were astounded by the concrete use cases we presented to them in the field of generative AI. We showcased our new Cybersecurity Dome GenAI assistant, a powerful tool that augments Azure OpenAI GPT with a telco-specific training corpus. It aids the security engineers with details, impacts, and resolution possibilities of security incidents specific to the customer environment. We anticipate it to reduce the time it takes to identify and resolve a threat significantly (in some cases from hours to minutes), depending on the nature of a cyberattack.
Prepare for a post-quantum era
The “harvest now, decrypt later” approach is raising alarms, as malicious actors may be storing sensitive data with the goal of decrypting it in the future once the quantum computers have enough qubits to break the “quantum vulnerable” encryption ciphers. This strategy threatens more than just financial losses and reputational damage; it risks customer trust, regulatory compliance, and business continuity.
While research has yielded promising post-quantum cryptographic algorithms to withstand the quantum era, transitioning is complex. At RSA 2024, specialists also underscored the significance of migrating to post-quantum cryptography algorithms to fortify crucial systems and safeguard information.
Despite the initial stage of quantum computers, it is crucial for organizations to begin evaluating their post-quantum security posture. At Nokia, we are working together across different organizations to not only offer the capability to build a dynamic crypto inventory, but also to address the different threats that this technology shift brings with post-quantum cryptography (PQC) and quantum-key distribution (QKD).
Realize a zero-trust architecture
Zero-trust architecture emerged as another focal point at RSA Conference 2024, emphasizing continuous verification and stringent access control. This strategy ensures that users and devices are not given any rights by default, only the rights needed to perform their function, and there will be continuous authentication and validation.
Embracing a zero-trust framework can significantly bolster the security posture of 5G communications service providers. This is especially important for hosting new and evolving use cases, such as the use of 5G network slices for mission-critical communications for infrastructure operators.
Key technical enablers include privileged access management, advanced security analytics using AI/ML, micro-segmentation, and network security mechanisms. 5G communication service providers should roadmap their zero-trust journey based on a formal risk assessment to guide judicious choices of where and when to focus their security investments.
Secure the critical communications infrastructure
AI is expected to generate up to 10 percent of available data within the next three years, with the telecommunications sector playing a significant role in driving this transformation. Going beyond mere connectivity, advanced telecommunications networks serve as the backbone of our critical infrastructure, providing secure data transmission and global resilience against disruptions.
However, when a telecom network experiences an outage, the repercussions on society can be substantial. Security engineers operating in these critical environments must ensure network stability to avert societal disruptions. Their expertise must encompass not only an understanding of the methods used to target telco networks but also a grasp of telco core, transport, and radio access network technologies.
Our focus on addressing the intricate challenges and opportunities within the telecommunications industry at RSA 2024 resonated strongly with the audience. Many security-specialized industry analysts recognized the unique Nokia approach for securing telecom network infrastructures. They agreed that the intersection between AI, connectivity and cybersecurity calls for effective collaboration between the telecom and other critical infrastructure providers to identify vulnerabilities, exchange threat intelligence, and collaboratively devise strategies to defend against cyber threats.
Events such as the RSA Conference serve as catalysts for shaping the future of cybersecurity. In telecom, we face the critical task of innovating while protecting our digital infrastructure. This demands a cybersecurity approach that adapts to emerging threats, leveraging both advanced technologies like AI and the expertise of skilled professionals. Our aim is to safeguard the integrity and reliability of our customers’ networks in this rapidly evolving digital landscape.
To find out more about these topics, please visit:
Cybersecurity Regulations | Nokia
