Return of the Guru

Mobile/Wireless Operators’ Security Postures ‘8 to 10 years Old’

Ara Trembly
Insurance Experts' Forum, February 3, 2011

It’s pretty much common knowledge that data security in wireless devices is not good, but a new report from Arbor Networks now puts the level of security sophistication for wireless carriers at about a decade behind today’s wired systems.

The Worldwide Infrastructure Security Report covers roughly a 12-month period from October 2009 through September 2010, and is designed to provide industry-wide data to network operators, the company’s website notes. “This data is intended to enable more informed decisions about the use of network security technology to protect mission-critical Internet and other IP-based infrastructure.”

According to the report, after a respite in the growth of packet-flooding denial-of-service attack bandwidth during the 2008 to 2009 survey period, “attackers have moved aggressively over the current survey period to dramatically increase attack volumes—for the first time launching DDoS attacks breaking the 100 Gbps barrier. This represents a 102% increase in DDoS attack bandwidth since the previous survey period and a staggering 1000% increase since Arbor released the first Worldwide Infrastructure Security Report in 2005.”

As ominous as this sounds, the news on the wireless technology front may be even worse. The report states that, “Mobile and fixed wireless operators are reporting that they have little visibility into traffic on their networks and even less ability to influence that traffic. With some notable exceptions, many mobile/fixed wireless network operators appear to have security postures approximating those of wireline operators some 8 to 10 years ago.”

If this is true, all of us in the insurance and financial services industries have good reason to be very afraid. It is no secret that, as an industry, we traffic in seriously confidential data, not to mention multiple billions (or trillions?) of dollars in commerce. While it is certainly convenient to execute trades and transmit financial data from our cribs—literal or figurative (remember the commercial?)—it is more than disconcerting to realize that the security protecting our confidentiality may be a decade old. And in light of the ridiculously rapid growth of technology over the last 10 years, a decade might as well be 50 years.

Let us also remember that it’s not just a matter of old or inadequate technology. According to Arbor, our wireless companies don’t know what’s on their networks, and they have little, if any, ability to influence the traffic that flows there. These facts should give pause to any insurer, broker or other financial entity that does significant business via wireless networks. At the very least, the information should get us thinking about standardizing the wireless devices we allow to carry our critical data.

The ship is leaky. Unless we start patching and bailing pretty soon, some of our companies could be headed for Davy Jones’ locker.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

3 Reasons DevOps Matters

Every insurer needs to compete on products and information turned around in light-speed fashion.

Coordinate Coverages to Manage Social Media Exposures

The bottom line is that no one policy will cover all the exposures in the social media realm.

The Internet of Things: Helping Insurers Make Better-Informed Decisions about Risk

The IoT is a major game changer for the insurance industry, and will likely affect every part of the insurance value chain. After all, insurance is data-driven, and that’s exactly what the IoT can deliver—relevant, actionable, real-time data that can provide an accurate picture of what is being—or may be—insured.

Software-Defined Everything

What does it take to virtualize all the key components in your data center?

On Thanking the Regulator … Really

The Financial Conduct Authority is demanding higher standards of consumer protection from insurers, which could lead to greater customer engagement and understanding.

Competing with the Coasts for Tech Talent

Are heartland-based insurers at a recruiting disadvantage for tech skills?

Advertisement

Advertisement