How TDS navigates the constantly shifting and evolving cybersecurity landscape

Protecting our customer’s data is extremely important, which is why we ensure all third party contracts have strong security and privacy language so that we have clear expectations put forth and recourse should there be any type of event. While cloud services and SaaS platforms generally offer strong security measures, it’s critical to tailor these settings to fit the specific needs of our organization and to perform our own assessments of their solutions to validate the adequacy of their controls. It also important to note that cloud and SaaS solution are not inherently more risky or insecure than traditional methods, but they do present different risks that require vigilance and as a security organization our role is to enable our business to evolve, move quickly, and do so in secure manner.

2. The most successful attack vector for attackers are humans. As much as we educate our employees about phishing scams or the dangers of visiting malware-laden websites, someone will still “click”. To help counter these situations, TDS has invested in various controls that provide layers of defense that help block attacks and detect potential threats. It’s an area that we are constantly tweaking and improving.

Emerging Trends

1. TDS provides services in 30 states, including three locations in California. The California Consumer Privacy Act (CCPA) is considered to be the most comprehensive in the country and is designed to give consumers more control over their personal information. The law is set to take effect January 1, 2020. We have been making the necessary investments to comply with CCPA. We anticipate that other states will enact similar laws, so the processes and controls we’ve put in place for the California law, are being developed in a manner that will enable TDS to comply with other state privacy laws as they are enacted.

2. As cyber threats continue to become more sophisticated, there certainly is a challenge to find and hire skilled cybersecurity professionals. TDS is very supportive of universities and trade schools that are training more students in cybersecurity programs. I know all too well, how tough these jobs are to fill. To help in these efforts, I have been asked and have agreed to serve as an industry member on a newly created advisory board that will be providing input on curriculum, marketing, and recruitment for future cybersecurity professionals for a local university. I am very optimistic that public-private partnerships like this will lead to more students going into the cybersecurity field.

3. A final trend and one that is gaining more momentum, is leveraging more and more data along with machine learning to identify threats. Security organizations have always been big users of data, but there have been great advancements in technology that allows security teams to capture and aggregate data for any host/ system in your network and then leverage machine learning to have a computer look for and flag anomalies that may be indicative of a security risk. The maturing of technology in this space is one thing we are looking to in order to help address the shortage of security professionals in the marketplace today.