Telecommunication companies are seen as organisations that provide telecommunications services such as telephony and data communications and are often referred to as Telco’s. Internet Service Providers (ISPs) and hosting companies are often categorised under the same banner.
Cyber threats and the Telecommunication industry
Telco’s are a big target for cyber-attacks because they build, control and operate critical infrastructure that is widely used to communicate and store large amounts of sensitive data.
With over 90% of ISPs coming under some form of attack, over three quarters of respondents planned to spend more on cyber-security.
TalkTalk lost 101,000 customers and suffered costs of £60m as a result of a cyber-attack and in the first quarter of 2016 it was reported that TalkTalk profits more than halved following the breach.
As Telco’s, ISPs and Hosting companies tend to be responsible for large amounts of customer data they tend to be ahead of other industries in relation to information security accreditations. It stands to reason that if your business is built on the premise that you control other people’s data, that you should take necessary precautions to prevent risks to your service provision. Supply chain management in the telecommunication industry is as key as due to the core interaction with a wide variety of organisations.
Information Security in supplier relationships is addressed within ISO27001:2013 where it’s suggested that all relevant information security requirements should be established and agreed with each supplier that may access, process, store, communicate, or provide IT infrastructure components for, the organisation’s information.
Osirium has the ability to manage and audit supplier connectivity, applying a least privilege model to secure the third party access.
Which compliance standards can Osirium help Telecommunication firms with in relation to Privilege Account Management (PAM)?