Across all forms of digital technology, the threat landscape is increasing, exacerbated by unprecedented global events that have shifted the way we consume digital tech and telecommunications. The COVID pandemic poses as an example of the dependency that individuals and businesses have developed on connectivity, as it saw many corporations shift to a work-from-home operating model and distanced technical capabilities had to adjust to meet the growing number of decentralised teams across the globe.
While telecommunications has been around in one form or another for centuries, it takes a major shift in operations to understand just how critical connectivity is and, equally important, how vulnerable it can be. To sustain a business in the digital world requires the correct expertise to get teams online, but also the ability to protect them from the vulnerabilities that come from extended digital ecosystems.
This is where Vodafone Business’ role begins: with a recognition that digital adoption – particularly among small businesses – left a void that could easily be filled with cyber threats and ransomware attempts. In comes the cybersecurity team at Vodafone Business, led by Andrzej Kawalec, head of cybersecurity, and responsible for the telecom giant’s cybersecurity portfolio, helping companies minimise exposure to threats.
Securing businesses for the day-to-day
Kawalec cites the global pandemic as a “microcosm of a rapid adoption of technology”, which, as one of the major catalysts of the industry, is a big challenge that Vodafone Business has been faced with over the past few years when it comes to cyber threat defence. Putting this into perspective, Kawalec gives an overview of the shift and explains how digital solutions have become embedded in most aspects of business.
“The principal way of doing most things was analogue or physical, and we actually shifted to the primary way of doing most things in our day-to-day lives, digitally,” says Kawalec.
“Whether that was telemedicine, whether that was online, home education, hybrid working or transacting and banking, the delivery of food and groceries – the access has shifted towards digital as the primary mechanism, and then hybrid and physical secondarily.”
As digital transformation takes place at such a rate, what Vodafone Business saw was an increased level of concern around trust and privacy. This was particularly evident among small-to-medium enterprises (SMEs), which lacked sufficient capabilities to ward off cyber attacks.
Addressing these two ‘waves’ of change, he completes the trio of digital trends by discussing the regulatory shift that took place during COVID-19 as a reaction from governments and industry bodies to the increased level of digital adoption and threats. Ultimately, as explained by Kawalec, “those three things are crashing onto organisations of all sizes”, creating significant stress and strain on businesses.
Simplifying security is at the heart of Vodafone Business
One of the key messages emphasised when talking to Kawalec surrounds Vodafone Business’ overarching goal of simplifying cybersecurity for both individuals and businesses. The firm currently serves a global network of 300 million people with connectivity they interact with in their everyday lives, putting Vodafone in a widespread position of trust from its global clientele.
Of its customer base, it serves over 6 million businesses globally, ranging from SMEs to large corporations – but the message of trust remains the same.
“We look across, not just the underlying connection of organisations and people, but at how they use technology, be that as an employee or a consumer, how they use cloud and advanced analytics,” Kawalec explains.
“One of the big areas we're really focused on is extending into some really exciting new areas of technology, including how we work at the edge of our networks and deliver cloud computing to companies of all sizes. Also, how we roll out and help people understand and use the internet of things.”
To support its global network, Vodafone Business develops exciting new initiatives to minimise the threat level for all organisations, which was a particularly crucial function during the pandemic. One of the more immediate projects to be put in place as a response to rising digital adoption is the V-Hub. Specifically developed for SMEs, the V-Hub acts as a knowledge centre for digital adoption and advises leaders on making the right choices in their transition, as well as securing their digital ecosystems.
However, in the grand scheme of things, this is a step in the right direction as the firm undergoes prolonged work to help firms understand their cybersecurity much better.
“We’re right in the middle of rolling out a security risk rating, helping all of our customers understand how they can better protect the things that matter most.”
Mitigating risks is one area in which Vodafone Business has gained the trust of its clients, but another critical area that the company is proud of is its detection and response capability, formed as a response to the extent of damage that businesses can suffer from in the event of a cyber breach. According to Kawalec, the ability to detect cyber attacks can reduce recovery times from what would usually be 21 days.
“It’s something we're really proud of, because it allows you to understand and detect what's happening across your organisation and all of the micro moments; interactions; connections; data that's sent; the services you use; and managing and detecting the behaviour of those things,” says Kawalec.
“When something happens that is out of the normal bounds of behaviour, it could be a great indicator of a cyber attack. That's the moment that you need to put in place a response.”
“We've put in place a series of detection and response capabilities for our customers, allowing them to bring that time right down and reduce the damage or the impact of an attack.”
Supply chains and industry demand cybersecurity
One of the critical areas for cybersecurity highlighted by Kawalec is the supply chain industry, which also echoes similar messages across other industrialised sectors.
“Security is a global game. You really need to understand the global geopolitical trends and be able to track cyber criminal gangs and operations and how they've industrialised their activities across borders and different technology types.”
While global insights are necessary for organisations, in terms of securing their operations – particularly in the realm of supply chains – they must also champion solutions that provide pinpoint accuracy in the event of a cyber attack. This narrows down the entry point of an organisation and remedial work can begin much faster.
“How does this trade off in the supply chain? Well, understanding and knowing all of the organisations that you as an individual company work with, being able to track and understand their risks, and to highlight and understand trends across those suppliers – these are things that you can only get with that global scale oversight.”
The company’s risk rating product provides organisations with that capability and allows them to visualise their primary risks and the vulnerabilities that are presented through working with other organisations.
With the implementation of the internet of things (IoT) into industrial settings, such as manufacturing and utilities, the key to achieving this successfully is to, again, look at the number of entry points and apply logic similar to that of the supply chain.
“Industrialisation has lowered the price point for cyber criminals to attack and allowed them to prosecute attacks at a much greater scale. They're able to then directly monetise both the extortion of the data that’s released and secondary sale on the black market or the deep web,” explains Kawalec.
Bringing together best-in-class solutions
In order to maintain its global network, Vodafone Business works with best-in-class solution providers to ensure the best possible outcomes for organisations. Citing work with the leading information technology company Accenture, Kawalec expands upon the nature of their contributions.
“Big, global, exciting new partners. Our job is always to integrate those solutions, delivering them and translating them to our customers,” he says.
This is what sets the Vodafone Business service apart: offering a range of solutions that support customers at their most vulnerable and distressed. By leveraging a strategic partnership network, the strain on users worldwide is eased.
As the attack surface increases and businesses, both large and small, adopt more sophisticated systems for their day-to-day operations, the battle against cyber crime continues, albeit with an increased number of criminals focusing on ways to access data much easier and at a lower cost to them.
The remedial work carried out by cybersecurity teams is paramount to ensure that digital ecosystems are secure or as intelligent as possible to manage the abundance of threats to which companies are exposed. As businesses hand out digital devices to their employees, Kawalec believes this will facilitate a shift in the way cyber criminals target them, finding their entry points on the edge instead of conventional infiltration methods.
“We're going to see greater focus, not just on large single targets, but across many small organisations as the price per attack decreases. We're also going to see a greater focus on the user. This is where emerging trends like ‘zero trust’ really come to the fore,” Kawalec says.
To expand business globally and securely, organisations must look at their threat landscape, as well as their detection capabilities and strategies for minimising the damage inflicted by impending cyber threats. Luckily, Vodafone Business’ head of cybersecurity is on hand to help, believing that simplifying cybersecurity for its customers is the key focus for success.