With Cybersecurity Awareness Month underway, it’s important to shine a light on the collective effort required to safeguard our digital world, and the critical role that cable providers play in doing their part to identify and protect their networks and consumers against today’s and tomorrow’s cyberthreats.
At the SCTE Cable-Tec Expo General Session last week, NCTA Chief Technology Officer and Senior Vice President, Technology, Dr. Rikin Thakker, spoke with Chief Information Security Officers (CISOs) from Charter, Comcast, and Cox to find out what the largest cable providers in the country are doing to ensure the safety and security of their networks and the data they handle. Here are a few of the insights they shared into their organizations' commitment to cybersecurity.
Cultivating a Multifaceted Approach
Cybersecurity is a multifaceted challenge that requires constant vigilance, adaptation, and collaboration. Kim Keever, the CISO at Cox, emphasized that a robust cybersecurity program encompasses three critical elements: people, processes, and technology. While technological components play a significant role, the program must also adapt to evolving threats.
- “We have a strategic cybersecurity program that's based on industry best practices, and that's flexible enough to evolve and change based on the ever-changing threats that we see and hear about,” explained Keever.
Successful cybersecurity strategies also result from being built into a company’s work culture. Charter CISO Greg Temm described it as a “team sport.”
- “Because we really want to make sure that everybody understands that whether you are in accounting or finance or customer care, a field technician, in software development, or network operations, everybody plays a part in keeping our network and our customers secure,” said Temm.
Addressing the Evolving Threat Landscape
The panel touched on current threats including ransomware, advanced malware, nation-level cyberattacks, hacktivism, and more. In addition, emerging technologies like quantum computing and generative AI introduce new challenges, necessitating a dynamic approach to cybersecurity.
- Comcast VP of Security Engineering Dr. David White shared they have a 12-petabyte security data mesh that helps the provider stay on top of all the different types of threats—whether they're internal or external—by enabling continuous monitoring and by allowing machine learning and AI to help combat dangers.
- Charter has a product called “Spectrum Security Shield,” and since it launched last year, approximately 1.3 billion threats, including phishing attacks, DDoS, and malware attempts have been blocked, remarked Temm.
Zero Trust: A Fundamental Security Paradigm
Comcast also shared its adoption of Zero Trust principles to ensure comprehensive security across its network. Zero Trust is a foundational cybersecurity concept that assumes that no part of a network is immune to compromise. It emphasizes strict access controls and verification, both for external and internal users.
- "At Comcast, it is one of our North Stars to have Zero Trust built into everything that we do. We have a base layer of what we do with Zero Trust, and that is really around our endpoint protection, our hygiene, our vulnerability management, patching, including ingesting all of our logs into our security data mesh. This is so that we have the visibility on what we need,” said Dr. White.
Collaboration: A Pillar of Cybersecurity
The three panelists also agreed that collaboration among cable providers and government agencies plays a pivotal role in strengthening cybersecurity. Sharing threat intelligence and taking on security initiatives together is essential to tackling evolving threats.
- Initiatives like the President's National Security Telecommunications Advisory Committee (NSTAC) and Information Sharing and Analysis Centers (ISACs) facilitate this collaboration between the government and the private sector, including cable providers, and are actively engaged in combatting threats such as social engineering.
- “[Cox] works with the FBI to bring down botnets. We also work within our industry to make ourselves better. We work with NCTA to help advise on cyber performance goals. We work with CableLabs to help develop standards that we use across the whole industry ... There are so many other agencies too that we work with, but that's just a sampling," said Keever.
In an era of rapidly evolving cyber threats, the nation's largest cable providers are committed to protecting their networks and customer data. By focusing on a multifaceted approach and collaborating across the industry and beyond, the cable industry strives to create a safer digital environment for all.
Photo Header Credit: Robb Cohen Photography & Video