Security As A Service of telecom operators
Today I addressed on TelecomSec 2007 summit at Beijing. My topic is “Security As A Service of telecom operators”. Here is the slides I used.
Actually I began to thinking security value-added services by telecom operators when I worked for China Telecom before 2000. At that time, it’s only an idea, because the focus of management of China Telecom was totally to grow up number of subscribers and the revenue, without much interests to value-added services.
At Telecomsec 2006, just a year ago, I addressed on “Value of Telecom Security “. I do believe it’s time for China telecom operators to roll out security value-added services. Because the growth of subscribers and ARPU have been shrinking. How to grow benefit and improve user loyalty are the pain of telco executives. At the same time, along with the projects of ITSM inside telecom operators, operation maturity and internal governance have been improved a lot, compared against a couple of years ago.
A little surprise at this summit is to find two other speakers touching on the same topic, one speaker from China Telecom, another one from IBM.
At my speech, after reviewing my view points of security services from 2000 to 2006, I recommended the below steps for telecom operators to roll out their security value-added services:
1 ally with worldwide strong vendors at IT services and Security
2 build ITSM and security management platform, grow capability of NOC/SOC
3 build centor of reporting and auditing
4 add security product rent and monitoring services, covering FW/IDS/IPS/AV and etc.
5 build CERT/SWAT team and capability, covering Anti-DoS and emergency reponse, security vulnerability alert, education and training.
We know, so far, those global telecom vendors have been marketing their security services, including MSS and integration and consulting services, e.g. BT, T-system, ATT and etc. They are good examples of China telecom operators.
Recent Comments