SlideShare a Scribd company logo

150 0046-001 cost-lte_outages_industryinsights_final

T
Terry Young
1 of 5
Download to read offline
INDUSTRY INSIGHTS Protect the S1 - Worth 10X the Investment Risks Outweigh the Costs  Using accepted breach and outage costs, compared to LTE investments, the risk is up to 10X greater than the LTE S1 Investment. Representative Operator  60M Subscribers  $1.4B LTE investment  $64M S1 protection capex One-Time Malicious Breach  1.8M subs impacted (3%)  $159 per sub  $286M- one malicious breach 18 Hour Service Disruption  60M subs impacted  $0.33/sub/hour  $356M for 18 hours Capex vs. Risk  One malicious breach + one 18-hour service outage  $646M – business risk  $64M S1 protection capex Is IPsec secure backhaul worth the cost? As mobile operators invest billions in LTE networks, the rise of security breaches and service disruptions have exposed the new vulnerabilities of this all-IP network and risk the high service standards and reputation so carefully constructed. One can never have enough security and it costs far less for a hacker to attack a mobile network than for an operator to protect against every foreseeable threat. Operator must balance business risk against infrastructure investment and rightfully demand fact-based analysis of the options. In early LTE deployments operators debated whether or not to secure the RAN-Core with a security gateway, if the backhaul was considered “trusted”. Today, however, operators planning or launching LTE are intuitively convinced of the necessity for the IPsec encryption that a security gateway enables, but still require a more rigorous, quantified rationale. How can an operator realistically weigh the business value of deploying a new security element in such a rapidly changing environment? This brief applies groundbreaking research from Ponemon Institute with actual operator statistics to a representative operator scenario to determine that the cost of security the backhaul (S1) is orders or magnitude less than even a single breach or major service disruption. Five LTE Network Domains Require Security The RAN-Core (S1) interface is one of five LTE network domains that operators must protect. Each of these five domains has unique vulnerabilities and requires different protection mechanisms. Any security event that directly impacts subscribers - records, private live communications, or service availability, will have similar financial consequences to the mobile operator regardless from which domain it was originated.
STOKE®, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright © 2014 Stoke, Inc. All rights reserved. Lit# 150-0046-001 2 1 IBM Global Study on the Economic Impact of IT Risks, “Understanding the economics of IT, risk, and reputation”, November 2013. 2 http://www.forbes.com/sites/maggiemcgrath/2014/02/26/target-profit-falls-46-on-credit-card-breach-and-says-the-hits-could-keep-on-coming/ “Ponemon Institute further estimates that the average total cost for a malicious breach ranges from $60 to $246 per capita, depending upon the country, with the highest costs found in developed countries." Figure 1. Operators must protect five network domains. Business Costs of Malicious Breach According to IBM study conducted with Ponemon Institute1, the direct costs (tech support, forensics) of a substantial malicious security breach are only 22% of the total cost of business continuity and IT security failures. The business costs - lost productivity, lost revenue, brand damage and regulatory compliance activities – are more significant, exceeding 75% of the total, and can be long term. In the event of a widely publicized catastrophic failure (such as the 2013 Target breach), costs can be significantly higher, with some experts estimating the total cost of the Target breach will eventually exceed $18 billion.2 So far, the mobile industry has deservedly earned a strong reputation in the area of security. There have been few publicly disclosed breaches and widely known LTE service disruptions have been caused by non-malicious sources, such as application-induced signaling storms or network failures during software upgrades. But that was also true in the Target incident – the type of breach that occurred (the intruders gained access to Target's cash-register systems through a refrigeration contractor in Pennsylvania.) was unique. The general vulnerabilities of the payment network had been recognized and even identified to management, but waived off as improbably and not worth the cost. That kind of incident, after all, had never happened before! The Risk to Mobile Operators Yet operators realize that LTE networks are particularly vulnerable and that those risks are increasing. According to Arbor networks, 25% of operators surveyed have seen DDoS attacks targeting infrastructure, including the RAN and backhaul –
STOKE®, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright © 2014 Stoke, Inc. All rights reserved. Lit# 150-0046-001 3 3 Arbor Networks: “Worldwide Infrastructure Report, Volume IX”, 2013. 4 Ponemon Institute, “2014 Cost of Data Breach Study: Global Analysis”, May 2014. 5 http://www.zdnet.com/hackers-access-800000-orange-customers-data-7000025880/ 6 Calculation as follows: Base x 3% x $ per Capita = Cost; Initial LTE Investment x 5% = S1 Capex “In a 2005 note to clients, Gartner Inc. analyst Avivah Litan estimated for every $5.62 businesses spend after a breach, they could spend $1 beforehand on encryption and network protection to prevent intrusions and minimize damage. Today, she says, the ratio is about the same." double the previous year.3 Ponemon Institute further estimates that the average total cost for a malicious breach ranges from $60 to $246 per capita, depending upon the country, and with the highest costs found in developed countries.4 At the rate estimated by Ponemon, the 2014 hack of 800,000 Orange subscriber records (3% of Orange subscriber base5), cost the company about $161M. Estimating the Capex for Securing the S1 Operator customers have told us that the total capex for securing the S1 (encrypting the backhaul with IPsec) is about 3-5% of initial LTE investment. This includes the following:  Network: First Office Application, network integration and acceptance testing, operationalizing IPsec procedures into the BSS/OSS systems.  Security Gateway: Hardware costs and software licensing, system design, lab testing, installation.  eNodeB/RAN: Additional licensing costs for IPsec feature, service blades and/or reconfiguration design.  Backhaul: Additional capacity for IPsec overhead – estimated by NGMN to be 14% on average. Malicious Breach: Weighing Capex vs. Risk Using three representative operator statistics, applying cost estimates from Ponemon Institute and assuming 3% of the subscriber base is impacted by a malicious breach, the following comparison can be made. Figure 2. Cost of a single breach compared to S1 protection capex.6 As shown above, the cost of this single breach is 3-4 times that of the capex for securing the S1 ($119 - $286, compared to $64-$76). This 4:1 ratio is conservative compared to other expert analysis. Gartner Inc. analyst Avivah Litan stated that the cost of the breach is far higher than the cost of security – estimating that for every $5.62 businesses spend after a breach; companies could spend $1 Representative Operators Subs (M) Impacted Subs (M) $ per capita Cost ($M) Initial LTE Invest. ($M) S1 Capex (5%) ($M) Asian Operator 63 1.9 $146 $276 $1,500 $76 UK Operator 20 0.60 $198 $119 $600 $30 “Average” Operator 60 1.8 $159 $286 $1,400 $64
STOKE®, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright © 2014 Stoke, Inc. All rights reserved. Lit# 150-0046-001 4 7 http://www.programbusiness.com/News/Companies-Wrestle-with-the-Cost-of-Cybersecurity 8 http://blogs.gartner.com/john_pescatore/2009/07/24/financial-friday-the-cost-of-a-security-incident-is-usually-much-greater-than-preventing-it/ 9 http://www.theaustralian.com.au/news/latest-news/its-war-say-experts-on-cyber-security/story-fn3dxity- 1227020457985?nk=17d87fac49af22bbd989a7b1a8dfbc06 10 Heavy Reading, “Mobile Network Outages & Service Degradations, October 2013 “According to an Information Age survey, security is now among the top three elements consumers use to choose a mobile operator and 52% of consumer would switch providers after a major data breach." beforehand on encryption and network protection to prevent intrusions and minimize damage. 789 Here’s another example, comparing cost and risk from service disruption. Service Disruption Malicious hackers that gain access to the S1 link can also create network outages or otherwise disrupt service by injecting large quantities of packets – a denial of service attack attacks against the MME. Service disruption is known to contribute significantly to subscriber churn. Security gateway can prevent these types of intrusions through encryption, IKE and monitoring of signaling traffic levels. Heavy Reading estimates that operators spend an average of 1.5% of annual revenues dealing with the impact of outages and degradations.10 In 2011, a routine software upgrade triggered an 18 hour service outage in a European LTE network, impacting all three million subscribers. This was not a malicious breach, but still was costly to the company. The CEO was quoted as describing the incident as “an operator’s worst nightmare…cost the company almost $18 million.” That’s $1M per hour for three million subscribers, or $0.33/subscriber/hour. Applying this cost ratio to the example operators previously described, yields the results below. In this analysis, the cost of the disruption is 4-5 times higher than the investment for S1 protection. Figure 3. Cost of 18 hr. service outage compared to S1 protection Capex. Weighing Costs vs. Risks The mobile industry has witnessed both high profile malicious breaches and large scale service disruptions in LTE networks. Evaluation of the business risks should include both possibilities. Applying costs from the two previous estimates, the annual cost of just one major malicious breach (Figure 2) added to the cost of one major service incident (Figure 3) is up to 10X the cost of securing the S1 with a gateway. This is shown below. Representative Operators Subs (M) Hours of Disruption $ /hour /sub Cost ($M) Initial LTE Invest. ($M) S1 Capex (5%) ($M) Asian Operator 63 18 hours $0.33 $378 $1,500 $76 UK Operator 20 $120 $600 $30 “Average” Operator 60 $360 $1,400 $64
STOKE®, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright © 2014 Stoke, Inc. All rights reserved. Lit# 150-0046-001 5 “Lack of bulletproof or near-bulletproof security will be a show stopper when operators look to drive the next generation of revenue opportunities.” Figure 4. Two Incident costs (breach + outage) compared to S1 capex. Conclusion: S1 Protection is Worth the Investment The analysis in this brief uses reasonable estimates of LTE investments and reputable average business costs of breaches and outages to compare business risk and investment. The result illustrates that a single breach or service incident is 4-5 more costly than the investment for protecting the S1. The risk of increased churn could be considered an even higher concern than the analysis presented. According to a recent Information Age survey, security is now among the top three elements consumers use to choose a mobile operator - 52% of consumer would switch providers after a major data breach. Security vulnerabilities on the S1 are well documented by industry groups such as 3GPP and NGMN, but encryption of the backhaul is not mandated by standards and its applicability left to the operator interpretation. Even for carriers with trusted backhaul, the reputational risks may not be worth even the slightest deviation from industry recommendations. With regulators increasingly requiring public disclosure of security breaches, the wildfire spread through social media, and increasing competition, operators are taking incalculable higher risks to their strong reputation by not taking every reasonable precaution. Finally, security is fast becoming a differentiator amongst carriers, especially with their high value enterprise customers. At a Light Reading Security conference in London in May of 2014, operators acknowledged that it was time to change security from a checklist item to a service differentiator. Heavy Reading further summarized the significance in a 2013 white paper: “Lack of bulletproof or near-bulletproof security will be a show stopper when operators look to drive the next generation of revenue opportunities.” Stoke® Security eXchange™ STOKE® Security eXchange is a carrier grade, field proven solution, built from the ground up to solve critical, performance impacting problems for mobile network operators. Stoke innovative design and industry proven technologies enable cost effective, concurrent operation of critical security and protection functions while maintaining line-rate, high performance throughput. Representative Operators Subs (M) Risk ($M) (One Malicious Breach Cost + 18 Hour Service Disruption) S1 Capex (5%) ($M) Risk ($M) compared to S1 Capex Asian Operator 63 $276 $378 $654 $76 8X UK Operator 20 $119 $120 $239 $30 8X “Average” Operator 60 $286 $360 $646 $64 10X

Recommended

The Digital Telecom. Security Services
The Digital Telecom. Security ServicesThe Digital Telecom. Security Services
The Digital Telecom. Security ServicesParviz Iskhakov, PhD
 
CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...
CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...
CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...Muhammad FAHAD
 
The Top 20 Cyberattacks on Industrial Control Systems
The Top 20 Cyberattacks on Industrial Control SystemsThe Top 20 Cyberattacks on Industrial Control Systems
The Top 20 Cyberattacks on Industrial Control SystemsMuhammad FAHAD
 
Innovate for Cyber Resilience
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilienceaccenture
 
Ultimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSecUltimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSecJessica Lavery Pozerski
 
ultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracodeultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracodeSean Varga
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) Eoin Keary
 
ResearchProjectComplete
ResearchProjectCompleteResearchProjectComplete
ResearchProjectCompletedannyboi17
 

Recommended

The Digital Telecom. Security Services
The Digital Telecom. Security ServicesThe Digital Telecom. Security Services
The Digital Telecom. Security ServicesParviz Iskhakov, PhD
 
CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...
CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...
CRASHOVERRIDE Analysis of the Threat to Electric Grid Operations. Cyber-attac...Muhammad FAHAD
 
The Top 20 Cyberattacks on Industrial Control Systems
The Top 20 Cyberattacks on Industrial Control SystemsThe Top 20 Cyberattacks on Industrial Control Systems
The Top 20 Cyberattacks on Industrial Control SystemsMuhammad FAHAD
 
Innovate for Cyber Resilience
Innovate for Cyber ResilienceInnovate for Cyber Resilience
Innovate for Cyber Resilienceaccenture
 
Ultimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSecUltimate_Guide_to_getting_started_with_AppSec
Ultimate_Guide_to_getting_started_with_AppSecJessica Lavery Pozerski
 
ultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracodeultimate-guide-to-getting-started-with-appsec-veracode
ultimate-guide-to-getting-started-with-appsec-veracodeSean Varga
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) Eoin Keary
 
ResearchProjectComplete
ResearchProjectCompleteResearchProjectComplete
ResearchProjectCompletedannyboi17
 
Industrial cyber threat landscape
Industrial cyber threat landscapeIndustrial cyber threat landscape
Industrial cyber threat landscapebayshorenet
 
Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:CoreTrace Corporation
 
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 ComplianceFeldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 ComplianceCoreTrace Corporation
 
Car Cybersecurity: What do Automakers Really Think?
Car Cybersecurity: What do Automakers Really Think?Car Cybersecurity: What do Automakers Really Think?
Car Cybersecurity: What do Automakers Really Think?Security Innovation
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate ITPeter Wood
 
Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Brian Levine
 
Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23Jacqueline Fick
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomSecuring the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomIBM Security
 
RAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRhys A. Mossom
 
Creating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyCreating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyPositiveTechnologies
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012Icomm Technologies
 
Decision-Zone Introduction
Decision-Zone IntroductionDecision-Zone Introduction
Decision-Zone IntroductionRocco Magnotta
 
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psNet motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psAccenture
 
Network cloaking sansv2_
Network cloaking sansv2_Network cloaking sansv2_
Network cloaking sansv2_CMR WORLD TECH
 
The Four(ish) Appsec Metrics You Can’t Ignore
The Four(ish) Appsec Metrics You Can’t IgnoreThe Four(ish) Appsec Metrics You Can’t Ignore
The Four(ish) Appsec Metrics You Can’t IgnoreVeracode
 
IBM InterConnect 2013 Security Keynote
IBM InterConnect 2013 Security KeynoteIBM InterConnect 2013 Security Keynote
IBM InterConnect 2013 Security KeynoteIBM Events
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Ricardo Resnik
 
A Case study scenario on collaborative Portal Risk Assessment
A Case study scenario on collaborative Portal Risk Assessment A Case study scenario on collaborative Portal Risk Assessment
A Case study scenario on collaborative Portal Risk Assessment Victor Oluwajuwon Badejo
 
150 0046-001 cost-lte_outages_industryinsights_final
150 0046-001 cost-lte_outages_industryinsights_final150 0046-001 cost-lte_outages_industryinsights_final
150 0046-001 cost-lte_outages_industryinsights_finalTerry Young
 
Latency Considerations in LTE: Implications to Security Gateway
Latency Considerations in LTE: Implications to Security GatewayLatency Considerations in LTE: Implications to Security Gateway
Latency Considerations in LTE: Implications to Security GatewayTerry Young
 
Machine learning's 2015 top influencers
Machine learning's 2015 top influencersMachine learning's 2015 top influencers
Machine learning's 2015 top influencersMary McEvoy Carroll
 

More Related Content

What's hot

Industrial cyber threat landscape
Industrial cyber threat landscapeIndustrial cyber threat landscape
Industrial cyber threat landscapebayshorenet
 
Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:CoreTrace Corporation
 
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 ComplianceFeldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 ComplianceCoreTrace Corporation
 
Car Cybersecurity: What do Automakers Really Think?
Car Cybersecurity: What do Automakers Really Think?Car Cybersecurity: What do Automakers Really Think?
Car Cybersecurity: What do Automakers Really Think?Security Innovation
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate ITPeter Wood
 
Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Brian Levine
 
Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23Jacqueline Fick
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomSecuring the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomIBM Security
 
RAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRhys A. Mossom
 
Creating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyCreating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyPositiveTechnologies
 
Decision-Zone Introduction
Decision-Zone IntroductionDecision-Zone Introduction
Decision-Zone IntroductionRocco Magnotta
 
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psNet motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psAccenture
 
Network cloaking sansv2_
Network cloaking sansv2_Network cloaking sansv2_
Network cloaking sansv2_CMR WORLD TECH
 
The Four(ish) Appsec Metrics You Can’t Ignore
The Four(ish) Appsec Metrics You Can’t IgnoreThe Four(ish) Appsec Metrics You Can’t Ignore
The Four(ish) Appsec Metrics You Can’t IgnoreVeracode
 
IBM InterConnect 2013 Security Keynote
IBM InterConnect 2013 Security KeynoteIBM InterConnect 2013 Security Keynote
IBM InterConnect 2013 Security KeynoteIBM Events
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Ricardo Resnik
 
A Case study scenario on collaborative Portal Risk Assessment
A Case study scenario on collaborative Portal Risk Assessment A Case study scenario on collaborative Portal Risk Assessment
A Case study scenario on collaborative Portal Risk Assessment Victor Oluwajuwon Badejo
 

What's hot (19)

Industrial cyber threat landscape
Industrial cyber threat landscapeIndustrial cyber threat landscape
Industrial cyber threat landscape
 
Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:Malicious Software Prevention for NERC CIP-007 Compliance:
Malicious Software Prevention for NERC CIP-007 Compliance:
 
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 ComplianceFeldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
Feldman-Encari: Malicious Software Prevention For NERC CIP-007 Compliance
 
Car Cybersecurity: What do Automakers Really Think?
Car Cybersecurity: What do Automakers Really Think?Car Cybersecurity: What do Automakers Really Think?
Car Cybersecurity: What do Automakers Really Think?
 
The Consumerisation of Corporate IT
The Consumerisation of Corporate ITThe Consumerisation of Corporate IT
The Consumerisation of Corporate IT
 
Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015Information Security and Data Breach Trends 2014-2015
Information Security and Data Breach Trends 2014-2015
 
Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomSecuring the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
 
RAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolioRAMNSS_2016_service_porfolio
RAMNSS_2016_service_porfolio
 
Creating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case studyCreating a fuzzer for telecom protocol 4G LTE case study
Creating a fuzzer for telecom protocol 4G LTE case study
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
Decision-Zone Introduction
Decision-Zone IntroductionDecision-Zone Introduction
Decision-Zone Introduction
 
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psNet motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
 
Network cloaking sansv2_
Network cloaking sansv2_Network cloaking sansv2_
Network cloaking sansv2_
 
The Four(ish) Appsec Metrics You Can’t Ignore
The Four(ish) Appsec Metrics You Can’t IgnoreThe Four(ish) Appsec Metrics You Can’t Ignore
The Four(ish) Appsec Metrics You Can’t Ignore
 
IBM InterConnect 2013 Security Keynote
IBM InterConnect 2013 Security KeynoteIBM InterConnect 2013 Security Keynote
IBM InterConnect 2013 Security Keynote
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.Cyber Security protection by MultiPoint Ltd.
Cyber Security protection by MultiPoint Ltd.
 
A Case study scenario on collaborative Portal Risk Assessment
A Case study scenario on collaborative Portal Risk Assessment A Case study scenario on collaborative Portal Risk Assessment
A Case study scenario on collaborative Portal Risk Assessment
 

Viewers also liked

150 0046-001 cost-lte_outages_industryinsights_final
150 0046-001 cost-lte_outages_industryinsights_final150 0046-001 cost-lte_outages_industryinsights_final
150 0046-001 cost-lte_outages_industryinsights_finalTerry Young
 
Latency Considerations in LTE: Implications to Security Gateway
Latency Considerations in LTE: Implications to Security GatewayLatency Considerations in LTE: Implications to Security Gateway
Latency Considerations in LTE: Implications to Security GatewayTerry Young
 
Machine learning's 2015 top influencers
Machine learning's 2015 top influencersMachine learning's 2015 top influencers
Machine learning's 2015 top influencersMary McEvoy Carroll
 
Calculating the Costs of LTE Network Outages
Calculating the Costs of LTE Network OutagesCalculating the Costs of LTE Network Outages
Calculating the Costs of LTE Network OutagesTerry Young
 
Latency: Why you should worry, what you can do about it
Latency: Why you should worry, what you can do about itLatency: Why you should worry, what you can do about it
Latency: Why you should worry, what you can do about itPhilip Tellis
 
Hadoop top 20 influencers of 2015
Hadoop top 20 influencers of 2015Hadoop top 20 influencers of 2015
Hadoop top 20 influencers of 2015Mary McEvoy Carroll
 

Viewers also liked (7)

150 0046-001 cost-lte_outages_industryinsights_final
150 0046-001 cost-lte_outages_industryinsights_final150 0046-001 cost-lte_outages_industryinsights_final
150 0046-001 cost-lte_outages_industryinsights_final
 
Latency Considerations in LTE: Implications to Security Gateway
Latency Considerations in LTE: Implications to Security GatewayLatency Considerations in LTE: Implications to Security Gateway
Latency Considerations in LTE: Implications to Security Gateway
 
Machine learning's 2015 top influencers
Machine learning's 2015 top influencersMachine learning's 2015 top influencers
Machine learning's 2015 top influencers
 
Calculating the Costs of LTE Network Outages
Calculating the Costs of LTE Network OutagesCalculating the Costs of LTE Network Outages
Calculating the Costs of LTE Network Outages
 
Latency: Why you should worry, what you can do about it
Latency: Why you should worry, what you can do about itLatency: Why you should worry, what you can do about it
Latency: Why you should worry, what you can do about it
 
Hadoop top 20 influencers of 2015
Hadoop top 20 influencers of 2015Hadoop top 20 influencers of 2015
Hadoop top 20 influencers of 2015
 
Latency considerations in_lte
Latency considerations in_lteLatency considerations in_lte
Latency considerations in_lte
 

Similar to 150 0046-001 cost-lte_outages_industryinsights_final

SecurityGen-whitepaper-gtp-firewall- security 5G.pdf
SecurityGen-whitepaper-gtp-firewall- security 5G.pdfSecurityGen-whitepaper-gtp-firewall- security 5G.pdf
SecurityGen-whitepaper-gtp-firewall- security 5G.pdfNamTran825776
 
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...Security Gen
 
SecurityGen Sentinel - Your User-Friendly Guardian in Telecom Security.pdf
SecurityGen Sentinel - Your User-Friendly Guardian in Telecom Security.pdfSecurityGen Sentinel - Your User-Friendly Guardian in Telecom Security.pdf
SecurityGen Sentinel - Your User-Friendly Guardian in Telecom Security.pdfSecurityGen1
 
Secure Your Network with Confidence Understanding - GTP Protocols by Security...
Secure Your Network with Confidence Understanding - GTP Protocols by Security...Secure Your Network with Confidence Understanding - GTP Protocols by Security...
Secure Your Network with Confidence Understanding - GTP Protocols by Security...SecurityGen1
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations♟Sergej Epp
 
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...
5G SA security: a comprehensive overview of threats, vulnerabilities and rem... 5G SA security: a comprehensive overview of threats, vulnerabilities and rem...
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...PositiveTechnologies
 
SMS Security Unleashed: Your Toolkit for Bulletproof Fraud Detection!
SMS Security Unleashed: Your Toolkit for Bulletproof Fraud Detection!SMS Security Unleashed: Your Toolkit for Bulletproof Fraud Detection!
SMS Security Unleashed: Your Toolkit for Bulletproof Fraud Detection!SecurityGen1
 
Unleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdfUnleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdfSecurityGen1
 
Strengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGenStrengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGenSecurityGen1
 
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceTelecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceSecurityGen1
 
Security course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationSecurity course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationPositiveTechnologies
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceEnergySec
 
handling-of-signaling-storms-in-mobile-networks-august
handling-of-signaling-storms-in-mobile-networks-augusthandling-of-signaling-storms-in-mobile-networks-august
handling-of-signaling-storms-in-mobile-networks-augustDaniel Mateos P
 
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...IRJET Journal
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
25 sumit 2
25 sumit 225 sumit 2
25 sumit 2SRJIS
 
Scaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer ApproachScaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer ApproachF5 Networks
 
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING MLSECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING MLIRJET Journal
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...TI Safe
 
HPE-Security update talk presented in Vienna to partners on 15th April 2016
HPE-Security update talk presented in Vienna to partners on 15th April 2016HPE-Security update talk presented in Vienna to partners on 15th April 2016
HPE-Security update talk presented in Vienna to partners on 15th April 2016SteveAtHPE
 

Similar to 150 0046-001 cost-lte_outages_industryinsights_final (20)

SecurityGen-whitepaper-gtp-firewall- security 5G.pdf
SecurityGen-whitepaper-gtp-firewall- security 5G.pdfSecurityGen-whitepaper-gtp-firewall- security 5G.pdf
SecurityGen-whitepaper-gtp-firewall- security 5G.pdf
 
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
SecurityGen whitepaper GTP vulnerabilities - A cause for concern in 5G and LT...
 
SecurityGen Sentinel - Your User-Friendly Guardian in Telecom Security.pdf
SecurityGen Sentinel - Your User-Friendly Guardian in Telecom Security.pdfSecurityGen Sentinel - Your User-Friendly Guardian in Telecom Security.pdf
SecurityGen Sentinel - Your User-Friendly Guardian in Telecom Security.pdf
 
Secure Your Network with Confidence Understanding - GTP Protocols by Security...
Secure Your Network with Confidence Understanding - GTP Protocols by Security...Secure Your Network with Confidence Understanding - GTP Protocols by Security...
Secure Your Network with Confidence Understanding - GTP Protocols by Security...
 
Journey to the Center of Security Operations
Journey to the Center of Security OperationsJourney to the Center of Security Operations
Journey to the Center of Security Operations
 
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...
5G SA security: a comprehensive overview of threats, vulnerabilities and rem... 5G SA security: a comprehensive overview of threats, vulnerabilities and rem...
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...
 
SMS Security Unleashed: Your Toolkit for Bulletproof Fraud Detection!
SMS Security Unleashed: Your Toolkit for Bulletproof Fraud Detection!SMS Security Unleashed: Your Toolkit for Bulletproof Fraud Detection!
SMS Security Unleashed: Your Toolkit for Bulletproof Fraud Detection!
 
Unleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdfUnleashing the Power of Telecom Network Security.pdf
Unleashing the Power of Telecom Network Security.pdf
 
Strengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGenStrengthening Your Network Against Future Incidents with SecurityGen
Strengthening Your Network Against Future Incidents with SecurityGen
 
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity VigilanceTelecom Resilience: Strengthening Networks through Cybersecurity Vigilance
Telecom Resilience: Strengthening Networks through Cybersecurity Vigilance
 
Security course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislationSecurity course: exclusive 5G SA pitfalls and new changes to legislation
Security course: exclusive 5G SA pitfalls and new changes to legislation
 
Cybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond ComplianceCybersecurity for Energy: Moving Beyond Compliance
Cybersecurity for Energy: Moving Beyond Compliance
 
handling-of-signaling-storms-in-mobile-networks-august
handling-of-signaling-storms-in-mobile-networks-augusthandling-of-signaling-storms-in-mobile-networks-august
handling-of-signaling-storms-in-mobile-networks-august
 
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141
 
25 sumit 2
25 sumit 225 sumit 2
25 sumit 2
 
Scaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer ApproachScaling Mobile Network Security for LTE: A Multi-Layer Approach
Scaling Mobile Network Security for LTE: A Multi-Layer Approach
 
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING MLSECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
 
HPE-Security update talk presented in Vienna to partners on 15th April 2016
HPE-Security update talk presented in Vienna to partners on 15th April 2016HPE-Security update talk presented in Vienna to partners on 15th April 2016
HPE-Security update talk presented in Vienna to partners on 15th April 2016
 

150 0046-001 cost-lte_outages_industryinsights_final

  • 1. INDUSTRY INSIGHTS Protect the S1 - Worth 10X the Investment Risks Outweigh the Costs  Using accepted breach and outage costs, compared to LTE investments, the risk is up to 10X greater than the LTE S1 Investment. Representative Operator  60M Subscribers  $1.4B LTE investment  $64M S1 protection capex One-Time Malicious Breach  1.8M subs impacted (3%)  $159 per sub  $286M- one malicious breach 18 Hour Service Disruption  60M subs impacted  $0.33/sub/hour  $356M for 18 hours Capex vs. Risk  One malicious breach + one 18-hour service outage  $646M – business risk  $64M S1 protection capex Is IPsec secure backhaul worth the cost? As mobile operators invest billions in LTE networks, the rise of security breaches and service disruptions have exposed the new vulnerabilities of this all-IP network and risk the high service standards and reputation so carefully constructed. One can never have enough security and it costs far less for a hacker to attack a mobile network than for an operator to protect against every foreseeable threat. Operator must balance business risk against infrastructure investment and rightfully demand fact-based analysis of the options. In early LTE deployments operators debated whether or not to secure the RAN-Core with a security gateway, if the backhaul was considered “trusted”. Today, however, operators planning or launching LTE are intuitively convinced of the necessity for the IPsec encryption that a security gateway enables, but still require a more rigorous, quantified rationale. How can an operator realistically weigh the business value of deploying a new security element in such a rapidly changing environment? This brief applies groundbreaking research from Ponemon Institute with actual operator statistics to a representative operator scenario to determine that the cost of security the backhaul (S1) is orders or magnitude less than even a single breach or major service disruption. Five LTE Network Domains Require Security The RAN-Core (S1) interface is one of five LTE network domains that operators must protect. Each of these five domains has unique vulnerabilities and requires different protection mechanisms. Any security event that directly impacts subscribers - records, private live communications, or service availability, will have similar financial consequences to the mobile operator regardless from which domain it was originated.
  • 2. STOKE®, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright © 2014 Stoke, Inc. All rights reserved. Lit# 150-0046-001 2 1 IBM Global Study on the Economic Impact of IT Risks, “Understanding the economics of IT, risk, and reputation”, November 2013. 2 http://www.forbes.com/sites/maggiemcgrath/2014/02/26/target-profit-falls-46-on-credit-card-breach-and-says-the-hits-could-keep-on-coming/ “Ponemon Institute further estimates that the average total cost for a malicious breach ranges from $60 to $246 per capita, depending upon the country, with the highest costs found in developed countries." Figure 1. Operators must protect five network domains. Business Costs of Malicious Breach According to IBM study conducted with Ponemon Institute1, the direct costs (tech support, forensics) of a substantial malicious security breach are only 22% of the total cost of business continuity and IT security failures. The business costs - lost productivity, lost revenue, brand damage and regulatory compliance activities – are more significant, exceeding 75% of the total, and can be long term. In the event of a widely publicized catastrophic failure (such as the 2013 Target breach), costs can be significantly higher, with some experts estimating the total cost of the Target breach will eventually exceed $18 billion.2 So far, the mobile industry has deservedly earned a strong reputation in the area of security. There have been few publicly disclosed breaches and widely known LTE service disruptions have been caused by non-malicious sources, such as application-induced signaling storms or network failures during software upgrades. But that was also true in the Target incident – the type of breach that occurred (the intruders gained access to Target's cash-register systems through a refrigeration contractor in Pennsylvania.) was unique. The general vulnerabilities of the payment network had been recognized and even identified to management, but waived off as improbably and not worth the cost. That kind of incident, after all, had never happened before! The Risk to Mobile Operators Yet operators realize that LTE networks are particularly vulnerable and that those risks are increasing. According to Arbor networks, 25% of operators surveyed have seen DDoS attacks targeting infrastructure, including the RAN and backhaul –
  • 3. STOKE®, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright © 2014 Stoke, Inc. All rights reserved. Lit# 150-0046-001 3 3 Arbor Networks: “Worldwide Infrastructure Report, Volume IX”, 2013. 4 Ponemon Institute, “2014 Cost of Data Breach Study: Global Analysis”, May 2014. 5 http://www.zdnet.com/hackers-access-800000-orange-customers-data-7000025880/ 6 Calculation as follows: Base x 3% x $ per Capita = Cost; Initial LTE Investment x 5% = S1 Capex “In a 2005 note to clients, Gartner Inc. analyst Avivah Litan estimated for every $5.62 businesses spend after a breach, they could spend $1 beforehand on encryption and network protection to prevent intrusions and minimize damage. Today, she says, the ratio is about the same." double the previous year.3 Ponemon Institute further estimates that the average total cost for a malicious breach ranges from $60 to $246 per capita, depending upon the country, and with the highest costs found in developed countries.4 At the rate estimated by Ponemon, the 2014 hack of 800,000 Orange subscriber records (3% of Orange subscriber base5), cost the company about $161M. Estimating the Capex for Securing the S1 Operator customers have told us that the total capex for securing the S1 (encrypting the backhaul with IPsec) is about 3-5% of initial LTE investment. This includes the following:  Network: First Office Application, network integration and acceptance testing, operationalizing IPsec procedures into the BSS/OSS systems.  Security Gateway: Hardware costs and software licensing, system design, lab testing, installation.  eNodeB/RAN: Additional licensing costs for IPsec feature, service blades and/or reconfiguration design.  Backhaul: Additional capacity for IPsec overhead – estimated by NGMN to be 14% on average. Malicious Breach: Weighing Capex vs. Risk Using three representative operator statistics, applying cost estimates from Ponemon Institute and assuming 3% of the subscriber base is impacted by a malicious breach, the following comparison can be made. Figure 2. Cost of a single breach compared to S1 protection capex.6 As shown above, the cost of this single breach is 3-4 times that of the capex for securing the S1 ($119 - $286, compared to $64-$76). This 4:1 ratio is conservative compared to other expert analysis. Gartner Inc. analyst Avivah Litan stated that the cost of the breach is far higher than the cost of security – estimating that for every $5.62 businesses spend after a breach; companies could spend $1 Representative Operators Subs (M) Impacted Subs (M) $ per capita Cost ($M) Initial LTE Invest. ($M) S1 Capex (5%) ($M) Asian Operator 63 1.9 $146 $276 $1,500 $76 UK Operator 20 0.60 $198 $119 $600 $30 “Average” Operator 60 1.8 $159 $286 $1,400 $64
  • 4. STOKE®, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright © 2014 Stoke, Inc. All rights reserved. Lit# 150-0046-001 4 7 http://www.programbusiness.com/News/Companies-Wrestle-with-the-Cost-of-Cybersecurity 8 http://blogs.gartner.com/john_pescatore/2009/07/24/financial-friday-the-cost-of-a-security-incident-is-usually-much-greater-than-preventing-it/ 9 http://www.theaustralian.com.au/news/latest-news/its-war-say-experts-on-cyber-security/story-fn3dxity- 1227020457985?nk=17d87fac49af22bbd989a7b1a8dfbc06 10 Heavy Reading, “Mobile Network Outages & Service Degradations, October 2013 “According to an Information Age survey, security is now among the top three elements consumers use to choose a mobile operator and 52% of consumer would switch providers after a major data breach." beforehand on encryption and network protection to prevent intrusions and minimize damage. 789 Here’s another example, comparing cost and risk from service disruption. Service Disruption Malicious hackers that gain access to the S1 link can also create network outages or otherwise disrupt service by injecting large quantities of packets – a denial of service attack attacks against the MME. Service disruption is known to contribute significantly to subscriber churn. Security gateway can prevent these types of intrusions through encryption, IKE and monitoring of signaling traffic levels. Heavy Reading estimates that operators spend an average of 1.5% of annual revenues dealing with the impact of outages and degradations.10 In 2011, a routine software upgrade triggered an 18 hour service outage in a European LTE network, impacting all three million subscribers. This was not a malicious breach, but still was costly to the company. The CEO was quoted as describing the incident as “an operator’s worst nightmare…cost the company almost $18 million.” That’s $1M per hour for three million subscribers, or $0.33/subscriber/hour. Applying this cost ratio to the example operators previously described, yields the results below. In this analysis, the cost of the disruption is 4-5 times higher than the investment for S1 protection. Figure 3. Cost of 18 hr. service outage compared to S1 protection Capex. Weighing Costs vs. Risks The mobile industry has witnessed both high profile malicious breaches and large scale service disruptions in LTE networks. Evaluation of the business risks should include both possibilities. Applying costs from the two previous estimates, the annual cost of just one major malicious breach (Figure 2) added to the cost of one major service incident (Figure 3) is up to 10X the cost of securing the S1 with a gateway. This is shown below. Representative Operators Subs (M) Hours of Disruption $ /hour /sub Cost ($M) Initial LTE Invest. ($M) S1 Capex (5%) ($M) Asian Operator 63 18 hours $0.33 $378 $1,500 $76 UK Operator 20 $120 $600 $30 “Average” Operator 60 $360 $1,400 $64
  • 5. STOKE®, Stoke Session Exchange and the Stoke logo are trademarks of Stoke, Inc. Copyright © 2014 Stoke, Inc. All rights reserved. Lit# 150-0046-001 5 “Lack of bulletproof or near-bulletproof security will be a show stopper when operators look to drive the next generation of revenue opportunities.” Figure 4. Two Incident costs (breach + outage) compared to S1 capex. Conclusion: S1 Protection is Worth the Investment The analysis in this brief uses reasonable estimates of LTE investments and reputable average business costs of breaches and outages to compare business risk and investment. The result illustrates that a single breach or service incident is 4-5 more costly than the investment for protecting the S1. The risk of increased churn could be considered an even higher concern than the analysis presented. According to a recent Information Age survey, security is now among the top three elements consumers use to choose a mobile operator - 52% of consumer would switch providers after a major data breach. Security vulnerabilities on the S1 are well documented by industry groups such as 3GPP and NGMN, but encryption of the backhaul is not mandated by standards and its applicability left to the operator interpretation. Even for carriers with trusted backhaul, the reputational risks may not be worth even the slightest deviation from industry recommendations. With regulators increasingly requiring public disclosure of security breaches, the wildfire spread through social media, and increasing competition, operators are taking incalculable higher risks to their strong reputation by not taking every reasonable precaution. Finally, security is fast becoming a differentiator amongst carriers, especially with their high value enterprise customers. At a Light Reading Security conference in London in May of 2014, operators acknowledged that it was time to change security from a checklist item to a service differentiator. Heavy Reading further summarized the significance in a 2013 white paper: “Lack of bulletproof or near-bulletproof security will be a show stopper when operators look to drive the next generation of revenue opportunities.” Stoke® Security eXchange™ STOKE® Security eXchange is a carrier grade, field proven solution, built from the ground up to solve critical, performance impacting problems for mobile network operators. Stoke innovative design and industry proven technologies enable cost effective, concurrent operation of critical security and protection functions while maintaining line-rate, high performance throughput. Representative Operators Subs (M) Risk ($M) (One Malicious Breach Cost + 18 Hour Service Disruption) S1 Capex (5%) ($M) Risk ($M) compared to S1 Capex Asian Operator 63 $276 $378 $654 $76 8X UK Operator 20 $119 $120 $239 $30 8X “Average” Operator 60 $286 $360 $646 $64 10X