Large Telecommunications Company Gains Immediate Visibility into Advanced Threats That Other Solutions Missed

 

Background

For telecommunications companies, keeping customers connected is essential, requiring them to manage and maintain large, multi-faceted networks. Operating these complex infrastructures and storing significant amounts of sensitive data makes these organizations highly vulnerable to cyberattacks. One study by PWC found that security incidents in telecommunications had increased year over year by 45 percent, with direct attacks across network operations and data a central target.

Another recent study found that telecommunications companies, on average, took three or more days to apply critical security patches to address active threats. This makes it vital that telecom companies actively detect and monitor for advanced persistent threats (APTs) to identify potential infections in real-time and on live traffic.

The Challenge

When a large telecommunications company wanted to better identify threats in its network, the IT security team began searching for solutions that could enable them to leverage real-time threat detection. The telecom company examined a number of solutions that were popular in the cybersecurity industry, and began engaging with Darktrace for a proof of concept (POC) to demonstrate its product could uncover and identify threats across its network.

Unfortunately, an extensive Darktrace POC was not enough to convince the telecom company that it was the best solution for the job. Simply, the organization was not impressed with the effectiveness of Darktrace to reveal advanced threats. Deciding to press forward, the company realized it needed to find a solution that could immediately detect critical threats that other solutions had missed—a solution that could effortlessly monitor every type of device in its network from day one.

The Solution

Once the telecommunications company learned about Network Insight from Core Security, a network traffic analysis solution that automatically and accurately identifies hidden infections, it sought to conduct a POC right away. Almost to the IT team’s surprise, Network Insight found infections immediately. The organization was extremely impressed with the real-time actionable threat detection, multi-faceted intelligence, and ability of Network Insight to uncover infections across every IoT device—without leaving a single device behind.

Yet within the changing landscape and disruption of COVID-19, the telecommunications company wanted to further test its VPN network, especially with the large amount of remote employees working for the company. The security team put Network Insight to the test again by injecting an Android malware. No surprise this time—Network Insight instantly detected the malware, proving its ability to pinpoint the exact device, threat, and OS of infected devices impacted.

The Senior IT Director for the telecommunications organization recognized the superiority of Network Insight for active threat detection. “It was a ‘no brainer’ decision to purchase Network Insight,” because the solution “found infections that Darktrace had completely missed.”

The Outcome

Since turning to Network Insight from Core Security, the telecommunications company has gained confidence that it can effectively detect, confirm, and respond to advanced threats within its network infrastructure to ultimately fulfill its mission of keeping customers connected. Leveraging the solution has enabled the organization to monitor traffic, looking for proof of APTs—enabling swift detection action without adding to its headcount.

The company is also now using Core CSP, an advanced monitoring system designed for communication service providers to analyze the traffic of millions of subscribers for cyber threats. This has ensured the telecommunications company is not missing any critical entry points and continues to protect the sensitive data and connections of its customer base. This anonymized data is also added to Core Security’s definitive and comprehensive threat database, used for Core CSP and Network Insight users.

After selecting Network Insight as its solution of choice, the telecommunications company has increased its sophistication to identify advanced threats by continually capturing and correlating evidence, using multiple detection engines and leveraging an extensive threat intelligence database.  This means its security team has effectively reduced dwell time and can rapidly prevent loss to the organization. Because the company has adopted a more effective, reliable approach, it recognizes that threat detection with actionable insights is just as essential as threat prevention—and is confident it will detect anything that may come its way.

 

 

It was a ‘no brainer’ decision to purchase Network Insight. It found infections immediately that Darktrace had completely missed.

- Senior IT Director, Large Telecommunications Company