Daksha Bhasker, P.Eng (CIE), MBA, CISM, CISSP, CCSK, is a Senior Cybersecurity Architect at Comcast. Daksha has over fifteen years of experience in the telecommunications service provider industry with roles in both business management and technology development, accountable for complex solutions architectures and security systems development. Her security work spans carrier scale voice, video, data and security solutions. Prior to joining Comcast she worked at Bell Canada developing their cyber threat intelligence platform and securing cloud deployments. She has worked on security controls for Sarbanes Oxley compliance and security risk management in complex deals with large enterprise customers. Daksha holds an M.S in computer systems engineering from Irkutsk State Technical University, Russia, and an MBA in electronic commerce from the University of New Brunswick, Canada. She contributes to security standards development and maintains an interest in security research, analysis and authorship.
Mobile network operators (MNOs) must grapple with complex security management in fourth generation Long Term Evolution (4G LTE) deployments. The security architecture of 4G LTE may lull MNOs into a sense of complacence that the technology intrinsically addresses security in LTE operations. 4G LTE has known security vulnerabilities. Besides inherent LTE vulnerabilities, 4G LTE includes long standing internet protocol (IP) based security weaknesses. The third generation partnership project (3GPP) has included security in their system architecture evolution (SAE) from inception, yet there are numerous security considerations deferred to the MNO. In terms of service delivery and operations MNOs are left to manage both LTE and IP based security vulnerabilities. This leads to complex security management requirements for MNOs. This paper covers a broad sweep of security issues that MNOs should consider when operating 4G LTE networks, and proposes directional preventative measures with the objective of highlighting the critical role MNOs have to play in securing 4G LTE operations.
Carriers no longer want their speciality pizzas delivered in a box, fully baked with pre-determined toppings. In fact they figure that it is economical to purchase standard pizza ingredients wholesale, bake ginormous crusts and believe they can please their customers faster by delivering custom toppings by slice on demand.
Cryptography is an integral part of a cybersecurity professional’s toolkit. It is used for Confidentiality, Integrity, Non-repudiation and more. Cryptosystems are the cornerstone for securing communication, data and information systems globally and are deeply embedded in most technologies. Cryptography is…
Podcasts / Webinars
Cybercriminals are eroding trust in voice calls with 4.7 billion robocalls a month duping consumers with phone scams. The robocall strike-force has socialized the STIR / SHAKEN (Secure Telephony Identity Revisited / Signature-based Handling of Asserted information using toKENs) framework to combat robocalling. This webinar will review the STIR / SHAKEN framework, discuss its scope and limitations, and provide security architecture considerations for robust implementation.