Telcos turn blind eye to security

Security? That's for nightclubs isn't it?

Telcos are failing to take security seriously according to a report published by investment group 3i.

The study, entitled "E-security 2002 Beyond", found the telco sector lags behind government and financial institutions when it comes to protecting customer data and network security.

The paper states: "In spite of the potential impact 3G may have on the ability to access the internet - the telecoms industry is the least alert of any business to the importance of e-security."

Richard Barber, development manager at security provider Articon Integralis, said telcos operate a culture of shifting blame. "Most phone fraud is very difficult to trace so telcos prefer to do nothing to save money and pass the cost on to customers instead," he said.

The telco sector might also be suffering from a security skills shortage according to Barber. "New technologies develop very fast, which means top skills are in constant demand," he said. "My concern is that telcos don't have the necessary security skills needed to keep up with all the latest developments."

The paper also found that most companies are still ignoring security, despite widespread publicity of the problems, and that security vendors are not in tune with their customers.

Russ Cummings, technology group director at 3i, said: "Most companies don't see security as a top priority. For instance, 80 per cent of firewalls are incorrectly installed. There is a complete mismatch between what companies expect and what the security industry can deliver."