Cybersecurity – Vulnerability in risk Management

Network Testing and Internal and External Pentesting

Nowadays, technological progress is present in many fields and systems, being an important asset in the development of all companies and institutions, including audiovisual media. This is why cybersecurity must keep pace with this progress, as the threats that may arise are also constantly evolving.

Telefónica Servicios Audiovisuales (TSA), together with Telefónica Tech, is aware that every action and operation carried out in the audiovisual world can be subject to threats or attacks, and focuses its mission on helping companies to improve their cybersecurity posture. To this end, they focus on identifying, protecting, detecting potential failures and responding. Other important areas of focus include risk reduction, facilitating compliance with data protection regulations (European GDPR and LOPDGDD) and improving the operational efficiency of audiovisual companies.

Within the cybersecurity capabilities offered, one of the most basic and important is the security testing of the customer’s network, where attack transmitters are deployed to test the customer’s infrastructure, software and employees. This portfolio is divided into “Detection and Response”, “Threat Intelligence” and “Vulnerability Risk Management”. Within the Vulnerability section, there are two important methods for dealing with cyber threats: Network Testing and Internal and External Pentesting.

Audiovisual organisations are increasingly connected to Internet services, which makes them very attractive targets for cyber criminals.

The cyber security of these customers is continually put to the test by cyber criminals: attackers simply scan the Internet looking to identify vulnerable targets, without adequate cyber defences, and attack them.

As a starting point, customers must know what is wrong and translate it into a prioritised list, where the goal is to urgently fix as many vulnerabilities as possible.

Through Network Testing, we are able to identify security vulnerabilities with secure and reliable solutions. After detection, a series of recommendations are given to secure an organisation’s network.

An assessment is made through a “white box” security perimeter combined with the OSSTMM (Open Source Security Testing Methodology Manual) methodology and the best available automatic scanners.

The phases of this network test are planning, conducting the security analysis and delivering the final report.

The commitment we are looking for is:

  • To protect the internet-oriented infrastructure.
  • Vulnerability scanning of services running on open ports to find common vulnerabilities.
  • Manual testing and verification of services and limited exploitation of relevant vulnerabilities.

Regarding another of the actions we can execute to help our clients in audiovisual cybersecurity, we offer Internal and External Pentesting. This involves executing multi-step and multi-vector attack scenarios that first find vulnerabilities and then try to exploit them to penetrate the company’s infrastructure.

This is done through “black box” testing, using OSINT (Open-Source Intelligence) techniques and tools and following the OSSTMM methodology. This testing can be performed internally (someone from within the organisation, a malicious insider or simply a negligent employee) or externally (a remote attacker hacking into the internal network).

The test is divided into phases:

  • Pre-Engagement, in which the scope, success criteria, rules of engagement, review of vulnerabilities and past threats are determined.
  • Engagement, which refers to the security test and considers different scenarios, e.g. what to do when sensitive data is found.
  • Post-Engagement, where vulnerability testing is performed again or the environment is cleaned, among other activities.

This testing is necessary to assess the company’s exposure to threats and vulnerabilities, as well as the ability to meet regulatory requirements and test security operations. In addition, it enables customers to understand and manage the risks in their environment, identify hidden weaknesses and develop effective security measures.

Network Testing and Internal and External Pentesting result in a high-level report with management information and a detailed technical review of vulnerabilities. We carry out a kick-off meeting to mark the start of the project and a testing meeting with an executive presentation of the critical and high-level vulnerabilities along with an action guide on remediation and safeguards for the future, plus retesting as an end point.

Also, access to dashboards and remediation workflows is given via the Customer Portal.

 

Asier Anitua Valluerca

Business Development Manager
