As Canada’s largest telecommunications network, Bell is also a leader in the country’s cybersecurity space. “We have been recognized as a cybersecurity leader by firms such as IDC (International Data Corporation), and we’re supporting both private and government customers on multiple levels,” says Dominique Gagnon, General Manager of the Cybersecurity Practice at Bell. The breadth and depth afforded by the network is combined with cutting-edge technologies and an adaptable strategy, affirmed by a constant finger on the pulse.
Gary Miller, Cybersecurity Strategist at Bell, with a long history in the space and extensive business management experience, says that agility and a customer-centric strategy are vital to Bell’s success. “What we do is shaped by listening to our customers and taking into account their needs,” he says. “It’s a circular process – one that requires us to be in tune with how the market is evolving and how these changes are impacting our customers.”
When looking at changing market dynamics, Gagnon says that he sees five major trends that are impacting Canadian businesses:
Cybersecurity is top of mind for executives, with Canadian businesses investing more in cybersecurity each year. Yet, as Miller says, “The market for cybersecurity solutions is chaotic. Everyone claims to have the silver bullet, and Canadian organizations need guidance to sort through the noise. Since the costs and consequences of not getting it right are greater than ever, Bell’s primary security objective is helping our customers enhance their foundational cybersecurity,” he says.
Traditional reactive approaches to cybersecurity are no longer sufficient as cyber attacks become more sophisticated, targeted and persistent. Instead of just protecting the network perimeter, Gagnon says that modern threats necessitate proactive internal protections. “Businesses recognize that they must evolve their approach and assume the perimeter has been breached. It’s a matter of being able to proactively detect the attacker, trip the response and kick them out. It’s how fast you can achieve this, not just how well you can prevent them from getting in.”
As businesses are adopting more cloud-based applications and hosting more workloads in the cloud, it is critical to ensure that layers of protection are built in. “We are helping decentralize our customers’ approach to security, by facilitating secure, cloud-based environments across the country,” says Gagnon.
Businesses are also connected like never before thanks to the convergence of the Internet of Things (IoT), Operational Technology (OT) and the proliferation of endpoints. With increasing numbers of applications, devices and endpoints connected every day, exposure is increasing from a cybersecurity perspective. “Organizations are under great pressure to ensure that these new points of vulnerability are protected,” he says.
And finally, organizations have recognized the need for better control over what they see and how they see it. The challenge now is adopting, managing and integrating advanced capabilities, like enhanced detection and response and SIEM platforms (security incident and event monitoring), in order to enhance visibility and control. Organizations need the right strategy and support to filter through the immense quantity of data and insights generated by these advanced solutions, in order to act upon urgent alerts and proactively hunt for threats.
As one of Canada’s largest technology solutions and integration providers, Bell is well equipped to help customers navigate these market dynamics, supporting their needs at every turn. “Our approach has been to integrate the capabilities of different technologies to offer the best solutions to our customers and address the challenges these five trends present,” explains Gagnon. “A key element is to make sure that, wherever possible, we don’t throw away our customers’ previous investments, but rather maximize their value through effective integration. The goal is simplified security rather than simple security.” Miller elaborates that this provides layers of protection that form a wider, simpler whole. “Traditionally, we’ve always talked about security-in-depth,” he says. “We’re seeing this manifest even more today as we look at what an organization like Bell can provide. We have an end-to-end security approach and we can integrate the appropriate tools to provide customers with visibility from the edge to the core of their enterprise network.”
The advent of widespread virtual networks is also changing the cybersecurity industry. “Virtual networks provide a more agile and sophisticated way for customers to deliver network services. While every telecommunications provider is being impacted by virtual networks, providers who don’t have the scale and necessary technologies can really leave their clients vulnerable,” says Gagnon. “Bell is adapting its strategy to protect edge-based deployments for our virtual network services, and leveraging cloud-based services to support a broader, decentralized approach to security.”
The power of Bell security solutions is amplified by data-driven insights. Bell has developed a platform called CTI (Cyber Threat Intelligence) which leverages, with the approval of its customers, the breadth of its network to build intelligence on threats and threat vectors specific to the Canadian environment. The process, as explained by Gagnon, doesn’t collect data but instead recognizes and assesses network trends. “We look at network traffic metadata and apply it to a set of threat feeds and internal Bell data models to identify potential threat traffic targeting particular verticals or customers in Canada,” he says. “What’s happening in the network gives us an awful lot of insight into where issues are popping up. We collaborate with our customers to get further into their dataset for added insights, but in a general sense, we aren’t gathering transmitted data, just the directional metadata, traffic patterns and so on.”
These operations exist outside of the customers’ network environment, but Bell is hard at work to bring these advanced detection capabilities to its customers. “We’re investing in bringing Big Data to the customer’s environment so that they can leverage the technology and threat intelligence to better detect what’s happening within their own network,” says Gagnon. “We’re working with analytics partners to add such capabilities to the platform and provide those benefits to the customer. That’s where the future is.” For Miller, CTI adds vital speed to the process of threat detection and response, along with the capacity to handle growing volumes of data. “There’s a reality, particularly as we move to OT, that we’re now getting more structured and unstructured data. We normalize all of these highly diverse and voluminous datasets, apply advanced analytics, AI and automation to filter through this massive volume and isolate the most critical and impactful things. That is the value of Big Data for the future of cybersecurity.”
Ultimately, the customer is top of mind for Bell. Whether it’s filtering through the noise, managing SIEM environments, enabling virtual networks, or fortifying internal security in addition to perimeter control, Bell credits its deep understanding of the security landscape for its cybersecurity success. “We are very deliberate in the choices we make and continually engage with our customers every step of the way,” enthuses Miller. “By bringing cybersecurity to the forefront, we have fundamentally changed the narrative. We aren’t talking to our customers about the latest tools and technologies, we’re talking to them about their foundational business needs and how security is core to them.”