knowledge centre

Network virtualisation will increase the risks of cyber attacks for operators, but also the opportunities

"The challenge of reconciling the opportunities and threats of network virtualisation will be further heightened by the growth of the Internet of Things and the evolution of 5G."

Businesses and consumers have indulged in a prolonged bout of IT, telecoms and Internet infrastructure spending over the past 25 years. This spending has been responsible for much of the economic growth and social transformation during this period.

In contrast, businesses and consumers have only invested the bare minimum in securing this infrastructure in line with the three tenets of confidentiality, integrity and availability that have traditionally been at the heart of information and communications security.

The consequence of this under-investment is the ever-increasing global deficit in cyber security, examples of which appear frequently in the media. The Internet is now so open, so vulnerable in so many locations, and so easy for malicious players to hide in that it is routinely weaponised to steal highly-sensitive data, extort ransoms and crash network infrastructure.

The Internet presents operators with huge risks – and opportunities

There is probably still a significant difference between the sizes of the opportunities and risks presented by today’s global Internet. The risks are huge and growing, but the opportunities are at least as great – and may be greater. It is an indication of the recent growth in cyber threats that the question of which is greater is even considered.

Communications service providers (CSPs) are at the heart of the global ICT infrastructure. They bring the Internet into homes, businesses and government departments, as well as to smartphones and other mobile devices.  The telecom sector is officially defined as ‘critical infrastructure’ (alongside energy, finance and healthcare, among others), damage to which could pose a real and present risk to human life, potentially on a large scale.

CSPs can be direct victims of cyber attacks themselves. Their networks are crashed by distributed denial-of-service (DDoS) attacks, their customer data is stolen and exposed, and they are subject to ransoms, similarly to other organisations.

CSPs’ networks also often serve as the conduit for cyber attacks on their customers’ data, which is just as damaging to their organisations. CSPs carry the malicious traffic that brings enterprise websites down, exfiltrates sensitive data from corporate servers, and perpetrates fraud through consumers’ PCs and smartphones. However, CSPs’ pivotal position in the cyber-security ecosystem enables them to leverage their presence, trusted customer relationships and technology skillsets to provide security before, during and after a cyber attack. The results of Analysys Mason’s survey of 1600 enterprises show that CSPs have a potential revenue opportunity in the enterprise security market. An average of 37% of small and medium-sized enterprises (SMEs) currently do not have a cyber-security solution across all the countries surveyed – adoption is highest in Germany (86%) and lowest in China (11%), as shown in Figure 1.

Figure 1: SMEs’ adoption of cyber-security solutions by country and provider

 SMEs’ adoption of cyber-security solutions by country and provider

Software-control and virtualisation of networks will heighten both risks and opportunities

The software-controlled transformation of CSPs’ organisations and network infrastructures creates both opportunities and risks in terms of network security. The increased openness, speed and flexibility of software-defined networking (SDN) and network function virtualisation (NFV) create a host of new vulnerabilities that increase the level of risk to the organisation and its customers. Conversely, that same openness, speed and flexibility provides the CSP with very much better tools with which to spin-up and deploy security features to detect and mitigate real-time threats in its networks.

The challenge of reconciling opportunity and threat is already substantial, but will be further heightened by the growth of the Internet of Things (IoT) and the evolution of 5G. Entire suites of 5G applications for enterprise verticals such as healthcare are dependent on the highest-possible level of security – otherwise these business models are simply not viable. CSPs can gain new revenue streams from these sectors, but only if they can provide suitable security, which is a critical enabler.

An example of this is network slicing, one of the defining features of 5G. CSPs that show leadership in explaining how the integrity of every slice can be guaranteed, as well as how the unique security attributes of each slice can be supported, will have a competitive advantage in raising awareness of their services among enterprise customers.

Another example is the risk of DDoS attacks originating in the 5G radio access network.  This already represents a threat to network availability in the current 3G and 4G network environments, but this will escalate with the introduction of 5G endpoints capable of supporting up to 100 Mbps. There are new opportunities for vendors in delivering products and feature sets that will meet these new 5G security challenges.

Most traditional network-security principles remain wholly relevant as CSPs embrace a networking roadmap that is increasingly software-controlled. However, these principles need to be updated for that software-controlled context if CSPs are to best mitigate the risk and capture the opportunity.


Analysys Mason has recently published a strategy report on CSPs’ opportunities in offering cyber-security services for small and medium-sized enterprises and is well-placed to advise telecoms operators and vendors on their network security opportunities. Our custom research team has a wealth of experience in assisting operators and vendors to address emerging opportunities – please contact Stela Bokun (stela.bokun@analysysmason.com) for further details.