The cyber security industry is on a “defensive footing”, a leading Vodafone executive has said, as he looks to pull off a “magic trick” to help the operator become a more established player in this key area.
Andrzej Kawalec, Head of Strategy and Innovation, Vodafone Enterprise Security Services, made the comments as the company unveiled a report titled Cyber Security: The Innovation Accelerator.
Based on interviews with 1,434 cyber security execs from businesses of all shapes and sizes around the world, the report paints a somewhat gloomy picture.
Launched in a week when lawsuits are beginning to arrive on the desks of Equifax lawyers, after a hack of 143 million of the credit firm’s customers, the report notes that criminals will “continue to out-think, out-innovate and out-invest traditional models of cyber defence”.
Kawalec, who joined Vodafone in May after a long career at HP in order to “set the future direction of our security capabilities right across the enterprise segment”, thinks before responding to a question about what can be done to keep up with the hackers.
“It’s the 64 million dollar question,” he says.
“We all have to recognise we’re on a defensive footing at the moment.
“People’s confidence is quite low when it comes to their cyber readiness.”
To back up this point, the report cites data from the UK government’s Department for Digital, Culture, Media and Sport that shows it takes 120 days on average for a business to know its data has been compromised.
Kawalec says: “The vast majority of huge attacks in last six months has been through a failure to master the basics of security.”
Vodafone is not alone, but it thinks it can gain a slice of a growing need from businesses to invest in solutions to patch holes in their knowledge and capabilities.
The report found that 41 percent of respondents said they were unsure about who could help them with the cyber security challenges they are facing.
A worrying statistic, but one in which Kawalec naturally senses an opportunity.
He cites “an underserved yet huge section of the market that is not directly addressed by...traditional security players”.
The latter are missing an opportunity, according to Kawalec, by being overly reliant on an “expert-to-expert” approach with a heavy focus on complexity that rules out many companies in the SME market in particular.
Moreover, Kawalec claims, there are “huge changes in perception about who is enabling security from a vendor perspective”.
But Vodafone has its work cut out to persuade businesses it can be one of the enablers, at least if data from research firm Cybersecurity Ventures is to be believed.
It puts Canada-based Herjavec Group top of the pile of its latest ranking of the most innovative cyber security companies.
Published last month, the list has BT as the leading telco, coming in at number 29, followed by AT&T at 45, but Vodafone doesn’t make it into the top 500.
Given Vodafone is regarded as one of the leaders in enterprise network services it is clear there is a big security shaped hole in its portfolio.
Putting a positive spin in this, Kawalec says: “There’s a really interesting thing – people are turning to Vodafone not as an established player in the market.”
He adds: “Vodafone is one of few companies that aggregates and facilitates data, [knows] how it is distributed, accessed and looked after – that’s why people turning to us rather than traditional legacy enterprise security providers.
“It’s an exciting new model – that’s why I came here.”
Evidence to back up his claim is hard to come by.
Vodafone does not break out how much its security offerings contribute from a financial perspective, for example.
Service revenues from enterprises rose 2.3 percent in the 12 months to March, but include the full gamut of, largely connectivity, services it offers.
From a security perspective, Vodafone’s offering includes in-house solutions developed by a “sizeable” security team as well as solutions from partners such as Fortinet and BAE Systems.
Kawalec has arrived on the scene as the company looks to build on this.
“We need to up our game and do things differently,” he admits.
Vodafone is undergoing an “end-to-end strategic review” put in place by new Group Enterprise Director Brian Humphries – a man Kawalec knows from their time together at HP.
Specifically, Kawalec says the fundamental challenge is to pull off a two-part “magic trick” – to “embed security in everything that we do” and to “evolve our capabilities to respond to the massive changes happening in the market”.
He and his team have a job on their hands to makes this happen and ensure Vodafone’s future in cyber security does not become illusory.