IDC recognizes TELUS as a security leaderNov 22, 2019
It is always a great honour when the industry recognizes your capability, validates your strategy and acknowledges your vision. In its recent MarketScape (Canadian Security Services 2019 Vendor Assessment), IDC identified TELUS as a leader based on our bundled, mid-market security solutions, Managed Detection and Response (MDR) offering and proprietary threat intelligence.
While we are proud to be heralded as a leader, we are equally as proud of the strategic thinking, bold conviction and significant investments that got us there. Shri Kalyanasundaram, Director of Cyber Security and Digital Identity at TELUS, shares insights about what inspired the strategies that ultimately propelled TELUS to its current leadership position.
Q: IDC highlighted TELUS’ focus on developing security services for small and medium-sized organizations. What motivated this focus?
Shri Kalyanasundaram: The evolution of cyber threats was the real driver. As automation matured, hackers realized that they could leverage this technology for their nefarious gain. With automated tools, hackers can now target a weakness, wherever it is. There is no longer a differentiation between large and small organizations. If there is a vulnerability out there, they will find and exploit it.
So two things are happening in tandem. First, criminals are moving down market. And second, smaller sized organizations are expanding their threat surface and exposure by using more and more digital tools. Organizations that may have had security as an afterthought now have to prioritize it.
At TELUS, we saw an opportunity to extend the principle of secure by design to medium-sized businesses, instead of waiting until growth to a certain size justified and necessitated a more serious security stance.
Q: Why are the capabilities included in the security bundles vital for these organizations?
SK: We wanted to make sure that the bundles reflected security best practices, based on the National Institute of Standards and Technology (NIST) framework. We also consulted with our customers to understand their security maturity and what they felt they needed to advance it. Ultimately, cyber security requires a tradeoff between risk and spend, so prioritizing was critical. Our goal was to address the gaps while providing the foundational elements of cyber security.
For example, email protection is vital. Phishing is still one of the biggest threats that organizations face, especially in smaller companies where security awareness may not be that advanced. We also emphasized Security Information and Event Management (SIEM) to help smaller-sized organizations pinpoint real threats in a cost-effective way. And a Next Generation Firewall not only helps to secure the perimeter, but incorporates other security capabilities that would normally require additional appliances or devices.
Delivery was also a top priority. By offering cloud-enabled solutions, we wanted to help smaller-sized organizations save money, improve flexibility, support growth and eliminate the need to purchase and manage equipment. The TELUS Security Portal offers unified visibility to simplify security management. In a typical security scenario, each capability in the bundle would be purchased separately and would require individual monitoring. With TELUS security bundles, organizations get centralized management and reporting, and the ability to communicate contextually with TELUS security experts.
Q: IDC also highlighted TELUS’ focus on Managed Detection and Response (MDR). What challenges are you targeting with this offering – both the capability and how you’re offering it?
SK: Security has traditionally focused on building the strongest fence, so nobody can get in. But we know now that there is no such thing as a foolproof lock or being 100% secure. Breaches happen. MDR brings together technology, automation and skilled analysts to find the meaningful security threats across every segment of an organization’s network, from the perimeter, to the endpoint, to the cloud.
From an operational standpoint, MDR helps IT from getting overwhelmed by the sheer volume of security information. By eliminating the noise, paring down focus to potential real threats and recommending action, organizations can reduce operating costs as they relate to security. The cost of entry for MDR is usually prohibitive for medium-sized organizations. Similar to our bundled offerings, our goal is to make MDR accessible to and affordable for smaller businesses.
Q: Argus, TELUS’ proprietary threat intelligence capability, is really interesting. Why is it such a strategic investment and focus?
SK: Argus is a diverse and deep technology ecosystem, which helps us deliver our internal cyber security programs and augment our cyber security offerings in the market. From physical to information security controls and from log management to anomaly detection, Argus is the heart and brain of how we protect our network and our customers. Threat intelligence is one very important program in the Argus ecosystem, allowing TELUS to consume and share threat news and information.
Our data sources include global and national security intelligence feeds, our own network feed and third party intelligence feeds. We collect, analyze and correlate all of this data. By visualizing patterns, we also naturally identify anomalies, which can translate to threats.
Leveraging the intelligence that we have and correlating across geographies and industries, we can define various use cases. Our goal is to provide the security insights that can help customers adjust strategy based on possible threat scenarios.
Q: IDC views TELUS’ security capabilities as a strong complement to its connectivity offerings. What is your perspective on the link between connectivity and security, and why is TELUS uniquely positioned to deliver both?
SK: Cyber security starts with protecting the network, so security is naturally a part of our DNA. We must deliver secure connectivity as a core competency. As our business has evolved with data centres, unified communications and healthcare, security is always at the forefront. It really is the link that unites our business offerings.
Because we live and breathe security in our own business and have invested so much into understanding it and securing our core product offerings, it makes strategic sense to extend that expertise and proficiency to our customers. We have made it a priority to find and retain the best security talent and develop best of breed offerings. So why not leverage that talent and best practices to deliver more security outcomes for our customers?
Download the IDC Marketscape excerpt.
For more information on TELUS Cyber Security solutions, visit telus.com/cybersecurity.