Without a doubt, the COVID-19 pandemic has had a deep impact on all businesses. In particular, the communications service provider organisations who experienced massive challenges with the shift to remote working. Operators had to respond quickly to this rapidly changing demand – both in terms of the surge in requirements and DDoS security.
A study by A10 Networks highlighted the extent to which communications service providers are concerned about DDoS attacks and the need to mitigate them. The study found that many communications service providers are vulnerable and, as a result of COVID-19, are now investing more in security to reinforce their defences.
The study focused on “real world” cybersecurity incidents experienced by telco providers, highlighting how vulnerable telcos and their customers are to a wide variety of threats including DDoS and ransomware, as well as attacks that exploit vulnerabilities in APIs and web servers.
In the Middle East, the study found that 43 per cent of the surveyed providers stated that upgrading firewalls and other security appliances to meet new threats and increased traffic volume was their highest priority security investment in the next two years.
DDoS Security Concerns
One of the big cybersecurity challenges brought about by the pandemic is that it has caused a rapid expansion of the attack surface. Fifty-one per cent of Middle East service providers have accelerated investment plans in security and this is a relatively low figure considering security, primarily DDoS security, should be a priority for every service provider. They have said that they would need additional capabilities and technologies to protect their customers’ networks from cyber-attacks in the next two years. DDoS protection is a big concern.
Multi-vector DDoS attacks are increasing in frequency and volume, severely impacting businesses across the globe. Defending infrastructure, servers, applications and users’ access during DDoS attacks can’t be accomplished by existing firewalls, intrusion prevention systems, and load balancers. In fact, in many instances, these systems are the target of attacks because they are vulnerable and can be overwhelmed by a flood of unwanted traffic.
The Impact Investment Plans
For the Middle East, most respondents have planned to increase investment in security within the next three years due to the increase in traffic/subscribers (51 per cent).
- 51 per cent have accelerated investment plans in security
- 49 per cent have paused their investment plans for the next three years
- 47 per cent are investing less in their own network and moving to invest more in public cloud
Highest Priority Security Investments in 2021
In terms of future investment plans, going forward providers are keen to ensure DDoS security across the network infrastructure – solutions like DDoS and ransomware protection services for enterprise customers and upgrading firewalls and other security appliances feature heavily in the plans.
- DDoS protection services for enterprise customers (45 per cent)
- DDoS mitigation across network infrastructure (44 per cent )
- Upgrade firewalls and security appliances (43 per cent)
The Workforce Won’t Snap Back to How It Was
In the Middle East a large proportion of the senior IT professionals (66 per cent) expect that remote working will continue in some form post-pandemic. The pandemic significantly raised awareness around the resiliency of the network and the robustness of security, and going forward, subscribers and enterprises expect much stronger security from their communications service providers and will demand more in their SLAs and expand to other types of service providers to get this commitment.
Increase in Customer Demand
The pandemic has had a significant impact, with 99 per cent of all Middle East telco providers having experienced an increase in demand, and this has led to a huge scale up of their infrastructure, networks and technologies.
Also Read: Top 10 Endpoint Security Providers
Almost all (99 per cent) Middle Eastern service provider respondents said COVID-19 had created a more distributed environment on average by 46 per cent. This has changed customer behaviour and,
- Increased demand for online platforms (52 per cent)
- Amplified concerns around business continuity and resilience (52 per cent)
- Increased expectations around security (43 per cent)
Middle East communication service providers are seeing increased demand from different locations, and this has forced them to redistribute network capacity and scale up in specific locations.
Variations Compared With Other Countries
Out of the five countries, survey respondents in the Middle East lagged and ranked lowest in scaling up their infrastructure across the entire network (50 per cent) in response to increased demand for data and network bandwidth from customers.
Compared to the other countries, DDoS protection services for enterprise customers and DDoS detection across network infrastructure ranked very high when it comes to priority security investments for 2021-2022 for service providers in the Middle East (45 per cent and 42 per cent respectively), which demonstrates that DDoS attacks are on the rise in the region and is emerging as a key threat vector.
As 5G networks become more distributed and cloud-native, Middle East respondents are most confident in maintaining quality service and avoiding service outages as compared to all the other countries, with only 21 per cent seeing it as being a challenge. This goes to show that service providers in the Middle East believe they have good 5G security solutions and policies in place.
But as communications service providers evolve with digital transformation and a cloud-native deployment model, they should prioritise applying more rigour to their security strategy to address long-standing vulnerabilities.