Key Actions to Enable Automation for Mobile Network Security Operations

Authors

  • Jarno Kämppi Jyväskylä University of Applied Sciences, Jyväskylä, Finland
  • Karo Saharinen Jyväskylä University of Applied Sciences, Jyväskylä, Finland https://orcid.org/0000-0002-8214-1426

DOI:

https://doi.org/10.34190/eccws.23.1.2232

Keywords:

Network Security, Cybersecurity Operations, Security Operations Center, Cyber Security, Mobile Network Operations, Security Operations, Network Change Management.

Abstract

Over time, the landscape of Cyberspace surrounding Internet Service Providers (ISPs) has undergone enduring transformations. Notably, mobile networks, integral to contemporary societal infrastructure, consistently encounter evolving cybersecurity threats and risks. ISP processes have adapted with a persistent focus on optimizing network performance and availability, yet the challenges emerge from a laborious and protracted network change management process, hindering the practical automation of network security. Addressing the rightful demand for the highest level of security from mobile network users, our research question probes: "How can we intensify the emphasis on network security and facilitate the automation of network security operations?" To delve into this, we conducted extensive interviews with ISPs globally, affirming the inherent difficulty in automating security operations. The findings categorize challenges into three domains: Security Culture, Operational Processes, and Tools. Cultivating a security culture demands a pivotal commitment to change from top management, coupled with dedicated time and resources. Essential to this is the enhancement of security competence, extending beyond specialists to encompass network engineering staff. Robust network security not only safeguards against threats but significantly influences various business processes. Initiating a secure network requires ISPs to articulate explicit security requirements during the network procurement process, exerting pressure on vendors to fortify systems with a security-by-design approach at the factory. Critical to this is the secure deployment of networks, integrating comprehensive network hardening during the build phase. However, findings indicate a prevalent oversight where network security configuration changes are often neglected or deprioritized in favor of network performance. Achieving a harmonious balance between security and performance necessitates a predefined agreement on a network security configuration baseline. This collaborative effort involves network security specialists and competent network engineers. To effectively monitor and enforce network security configuration, ISPs require automation-enabled tools with the predefined baseline, offering capabilities for monitoring and enforcing network assets. In conclusion, our research emphasizes the imperative need for a paradigm shift in organizational culture, operational processes, and tool utilization to enhance the focus on network security and enable the critical automation of network security operations within the ever-evolving landscape of Cyberspace.

Author Biographies

Jarno Kämppi, Jyväskylä University of Applied Sciences, Jyväskylä, Finland

Mr. Jarno Kämppi is currently pursuing a Master of Engineering degree at Jyväskylä University of Applied Sciences. With over 20 years of professional experience, he has held senior positions and has worked with various telecom operators globally. In recent years, he served as the Program Director for Ericsson's Key Customers, focusing primarily on implementing security solutions.

Karo Saharinen, Jyväskylä University of Applied Sciences, Jyväskylä, Finland

Dr. Karo Saharinen currently serves as a Senior Lecturer in Information Technology (IT) at Jamk University of Applied Sciences. His primary focus in teaching lies in the domains of data networks and cyber security. In addition to his teaching role, he takes on the position of degree program coordinator for the master's degree program in Cyber Security. He is also actively contributing to Research and Development projects within the JYVSECTEC – Cyber Security Research, Development, and Training Center.

Downloads

Published

2024-06-21