The value of ISPs providing first line of cybersecurity

The value of having ISPs provide the ‘first line’ of cybersecurity
(Image credit: Shutterstock)

Most people think of Service Providers as simply the companies that connect their phone and internet. But Service Providers offer a much broader array of ‘value add’ services. One such ‘value add’ has been the ability to provide safe access and dynamic protection against malicious sites to anyone using their connection.

Across the last few months COVID-19 has required many companies to rapidly reassess the technologies they use to enable their business. One area where this has been particularly true is how they approach cybersecurity. As lockdowns took effect early this year many companies rushed to implement remote working at scale – at least where their business models would allow it.

Within weeks huge numbers of personal home broadband connections became a vital link in companies’ overall IT portfolios. And as a result, the capabilities of these home connections – their speed, stability, and security – became a more significant factor in companies’ business continuity. As more staff began to work remotely companies faced potentially enlarged ‘attack surfaces’ – with the number of points at which an attack could be attempted rising dramatically. Clearly these networks needed to be secured.

It would have been impractical – not to mention prohibitively expensive - for cybersecurity experts to implement specific measures on each worker’s home network. Clearly what was needed was an effective security mechanism that would also scale effectively. As it turns out one type of company was, and is, uniquely positioned to respond to this cybersecurity challenge, and will likely play a significant role as we continue to define and explore the ‘Next Normal’: Service Providers.

Service providers are uniquely placed to provide simple and scalable security

In a perfect world, all users would understand the importance of scanning and monitoring all traffic on their personal networks. However, this is unrealistic. Even taking into account one of the most basic measures of internet security, 85% of corporate users regularly bypass their VPNs when working remotely. The chances of an entire workforce effectively and independently managing their firewalls and other safeguards at home are low.

For an additional fee, however, Service Providers can effectively become the first line of defense against viruses, malware, phishing, etc., in effect ‘cleaning the pipe’ in and out of the home.

There are clear advantages to such an approach. One is its simplicity. With no software to install or upgrade, the network takes care of itself. Users can agree to a service and forget about it. This is of particular benefit to smaller businesses that don’t have the manpower or budgets for dedicated IT or cybersecurity professionals or solutions.

Another clear advantage of remote security is its scalability. No matter how resource-rich the company, organisations will struggle to implement traditional security solutions on networks over which they have little control or oversight. Solutions that can simply be ‘turned on’ remotely provide a much more scalable solution.

Such systems can also deliver extraordinary capabilities. As standard we can probably expect them to benefit from constant, automatic updating, and to leverage broad visibility of international network traffic patterns. It’s likely, in fact, that any Service Provider looking to offer security filtering as a ‘value add’ will want to draw on the most sophisticated security capabilities in the market. As an example, The Cisco Umbrella system, already used by many Service Providers, provides a differentiator through best-in-class AI-based traffic and user behavior analysis, in order to spot unusual patterns – even within encrypted traffic.

Remote security services can, of course, be enabled through third parties. However, enablement of such services through SPs offers specific benefits. Apart from the convenience and ease of integrated billing, SPs can very easily activate the service with fully-automated end-to-end configuration. SPs are also in a unique position to offer integrated connectivity and security troubleshooting. For example, when a malicious website is unreachable, SPs are ideally placed to inform the customer whether it is down to a connectivity issue or a security service in action. SPs are also, I would argue, in the best position to anonymize the identity of end-users that try access to malicious websites.

Demand for remote security is only likely to grow

Secure remote working practices are likely to be a significant driver of demand for remote security for the foreseeable future. We’re likely to see significantly elevated levels of remote working continue, compared to the pre-COVID baseline. Many businesses will now be looking to realise ROI the systems they have implemented. Others will increase the amount of remote working within their businesses for reasons of health and safety, staff retention or operational efficiency.

However, there are also other factors that will drive growth in the adoption of remote security. For example, all predictions point towards increased use of 5G and the IoT in business networks over the coming years. Such networks present many similar challenges – the need to secure vast numbers of remote endpoints, connected through a Service Provider, for example.

Establishing a widespread ‘first line’ of security at the SP level has the potential to play an important role in the development of national economies and broader national ‘digitization’ programs. As such, remote security has the potential to offer significant broader social benefits. After all, as Cisco outlined in its recent Digital Readiness Index, there has never been a clearer link between a nation’s digital capability and its economic and social well-being.

Remote workers need Security as a Managed Service

Despite its necessity, effective remote security continues to pose a number of questions that businesses and governments need to answer. For example, it is likely that Service Providers will need to charge for these services, but who should actually pay this cost? Should it be employees, their employers, or even the governments as part of wider country-digitization efforts? And can SP-level security be mandated, given individual countries’ different positions on whether such services can be ‘opt out’.

However, as we gradually move towards a common approach on these details, there is little doubt that a security managed service at the Service Provider level is a robust first line of defense. It should, of course, be part of a company’s wider ‘Defense in depth’ approach, incorporating several security controls through use of additional tools such as multi-factor authentication, VPNs, and encryption.

We need to ensure that implementing security managed services become as much a part of standard remote worker setup as supplying a laptop. Moving forward, security will be a catalyst to the wider digitization of societies. That makes it is not simply be a matter of individual companies protecting their assets, but a matter of the ‘common good’.

  • Paolo Campoli, Service Provider Segment Leader, Cisco EMEAR.
Paolo Campoli

Paolo Campoli, VP, Head of Global Service Provider Sector, Cisco. In his current position, Paolo lead the Global Service Provider Sector for Cisco.