Lessons learned in helping protect Australians as the nation's leading telco

As Australia’s leading telecommunications and technology company, cyber security is at the forefront of everything Telstra does. It’s not just about implementing security measures; it’s about designing, building, and managing security for a vast global network using a range of technologies and controls, integrating cyber security seamlessly into every aspect of our organisation and creating a culture of security amongst our people.

Telstra’s commitment to security and our visibility as a telco means we have extensive insight into the current cyber threat landscape and the challenges companies face.

Third-party SaaS providers

One of the most pertinent observations is that companies, including Telstra, are increasingly relying on third-party SaaS providers. As a result, we have seen a significant increase of criminals targeting those SaaS providers over the last 12-18 months. Cyber criminals are very aware that if they are successful in infiltrating a SaaS platform, not only do they gain access to that platform, but they can also use it as a backdoor to thousands of companies using the platform.

We only need to look at the recent Snowflake data breach as an example. Hundreds of organisations were impacted by this incident as attackers were able to successfully access customer data hosted in Snowflake’s environment.

Utilising Zero Trust

As a critical infrastructure provider, Telstra continuously invests in its security capabilities to help stay ahead of emerging security threats. Central to this is advancing the implementation of our organisation-wide zero trust network. This gives us the consistency that we need to manage how third-party providers — some who help run our network and some who are our key suppliers — connect and access Telstra’s network in a simplified, fast, and secure way.

Orchestration and automation in our Security Operations Centre

A well-established 24/7 Security Operations Centre (SOC) is also at the heart of our comprehensive security capability. Given that cyber security is only becoming more complex to manage as threats grow and time to respond is shrinking, Telstra is focused on simplifying how to bring together complex data from different layers — SaaS applications, enterprise networks, IoT, and 5G to name a few — so that our skilled security analysts can easily view and analyse it.

One pathway we are currently investing heavily in is security orchestration and automated response. This helps ensure that a large portion of security alerts our team of security analysts receive are supported by automation, speeding up response times and freeing them up to handle more complex issues. Additionally, we are increasingly leveraging machine learning and AI so that we speed up our detection and response times. The ultimate aim is to be able to counter cyber attacks at machine speed.

Sharing our SOC experience with customers

These same security resources that Telstra has developed and invested in to defend our company from cyber threats are also being shared with our customers. Telstra’s “one SOC” vision ensures that the same A-team that’s responsible for Telstra’s threat intelligence, vulnerability management, and hunting is also providing the same high level of protection to our customers. There is no doubt that Telstra’s network is far more complex and extensive. However, it is equally important for one of Australia’s best cyber teams to be able to use these same robust security measures and expertise to help our customers mitigate threats.

At Telstra, we believe that when it comes to cyber security, it is a collaborative effort, and we take the role we play in the wider cyber community seriously. It will require a concerted effort by organisations of all sizes, in all sectors, to work closely together to evolve and uplift our collective cyber security posture. Together, we can better mitigate against ever increasingly sophisticated cyber threats.