Daksha Bhasker, P.Eng (CIE), MBA, CISM, CISSP, CCSK, is a Senior Principal Cybersecurity Architect at Comcast NBCUniversal. Daksha has almost 20 years of experience in the telecommunications service provider industry. She has held roles in both business management and technology development and is accountable for security of complex solutions architectures and security systems development. Daksha’s security work spans carrier scale voice, video, data, applications and security solutions. Prior to joining Comcast, she worked at Bell Canada developing their cyberthreat intelligence platform and securing cloud deployments. Daksha holds an M.S in computer systems engineering from Irkutsk State Technical University, Russia, and an MBA in electronic commerce from the University of New Brunswick, Canada. She speaks at major cybersecurity industry conferences, has various publications in international security journals and contributes to standards development.
Mobile network operators (MNOs) must grapple with complex security management in fourth generation Long Term Evolution (4G LTE) deployments. The security architecture of 4G LTE may lull MNOs into a sense of complacence that the technology intrinsically addresses security in LTE operations. 4G LTE has known security vulnerabilities. Besides inherent LTE vulnerabilities, 4G LTE includes long standing internet protocol (IP) based security weaknesses. The third generation partnership project (3GPP) has included security in their system architecture evolution (SAE) from inception, yet there are numerous security considerations deferred to the MNO. In terms of service delivery and operations MNOs are left to manage both LTE and IP based security vulnerabilities. This leads to complex security management requirements for MNOs. This paper covers a broad sweep of security issues that MNOs should consider when operating 4G LTE networks, and proposes directional preventative measures with the objective of highlighting the critical role MNOs have to play in securing 4G LTE operations.
Carriers no longer want their speciality pizzas delivered in a box, fully baked with pre-determined toppings. In fact they figure that it is economical to purchase standard pizza ingredients wholesale, bake ginormous crusts and believe they can please their customers faster by delivering custom toppings by slice on demand.
Cryptography is an integral part of a cybersecurity professional’s toolkit. It is used for Confidentiality, Integrity, Non-repudiation and more. Cryptosystems are the cornerstone for securing communication, data and information systems globally and are deeply embedded in most technologies. Cryptography is…
Podcasts / Webinars
Cybercriminals are eroding trust in voice calls with 4.7 billion robocalls a month duping consumers with phone scams. The robocall strike-force has socialized the STIR / SHAKEN (Secure Telephony Identity Revisited / Signature-based Handling of Asserted information using toKENs) framework to combat robocalling. This webinar will review the STIR / SHAKEN framework, discuss its scope and limitations, and provide security architecture considerations for robust implementation.