Telenor Sweden uses ethical hackers to dial-up cybersecurity to the max
YesWeHack’s global cybersecurity research community will help identify potential vulnerabilities in Telenor Sweden’s critical telecom infrastructure and protect its customer’s information
Telenor Sweden has partnered with YesWeHack, Europe’s leading Bug Bounty platform, to identify potential vulnerabilities on its critical telecom infrastructure and protect customer information.
Telenor is a leading telecommunications company across the Nordics and Asia with more than 188 million customers worldwide. It has mobile operations in the Nordics, including Norway, Sweden, Denmark, Finland and in Asia, including Pakistan, Bangladesh, Thailand, Malaysia, and Myanmar. Connecting customers to what matters most has been the core of its business for more than 160 years.
Telenor’s wholly owned subsidiary, Telenor Sweden, is one of the largest mobile operator in the country and provider of fixed broadband services to the consumer and business markets in Sweden.
Telecom companies maintain and operate critical communications infrastructure. This is used to transmit large amounts of sensitive consumer and business data, due to which cyberattacks against the industry are soaring. Meanwhile, the rapid advancements of new technologies such as the Internet of Things (IoT) and 5G dramatically increase the potential attack surface and threat landscape for a telco.
To protect customer data and the security of its critical infrastructure, Telenor is investing in security capabilities across its organisation as well as with its suppliers and third-party providers. It ensures the same level of control over data and infrastructure, independent of operating – or business model.
One such initiative is crowdsourcing security through a bug bounty program with YesWeHack to identify security gaps and ensure adequate data protection. Crowdsourced security will help Telenor Sweden access a diverse range of security researchers, also called hunters, with unique specialisations and in-depth industry knowledge.
“The partnership with YesWeHack is one of the ways we work with security and maybe one of the most important ones in our proactive work to stop cybercriminals. The return on investment is huge since we get access to thousands of security researchers while only paying a fraction of the cost it would take to recruit them all individually,” said Ulf Andersson, Head of Information Security at Telenor Sweden. “We are now planning to level up both the private and public program to make it even more attractive and generate more reports,” he added.
Telenor Sweden had started with a private bug bounty program where YesWeHack invited selected researchers to hack it’s infrastructure. This was followed by a public bug bounty program where the telco is now being scrutinised by the entire YesWeHack community, representing more than 35,000 global cybersecurity researchers.
“Through the YesWeHack bug bounty program, we are connected to one of the finest global networks of hackers to help us find security gaps in our infrastructure. It’s all about finding vulnerabilities before anyone else. By being proactive and allowing the hacking of our infrastructure, we can find weaknesses before the criminals do and fix them,” said Marcus Lundblad, Security Engineer at Telenor Sweden.
By reducing security gaps and ensuring adequate data protection, Telenor Sweden gives its customers the comfort to share information and allow them to reap the benefits of the data-driven economy.
“Protecting people in their digital life with security at the foundation is the core value of Telenor,” said Guillaume Vassault-Houlière, CEO and Co-Founder of YesWeHack. “Telenor Sweden has achieved the position of a trusted and secure provider in all markets because of its focus on customer data protection and by defending its critical infrastructure by adopting game-changing solutions such as bug bounty,” he added.
Cybersecurity experts from Telenor Sweden will share best practices on guarding against cyber threats in a webinar on March 17th 2022. They will also share why the organisation has put bug bounty at the core of its security posture and will detail the clear benefits of a platform-driven, results-oriented and crowdsourced approach to security audits. For more information and registration visit our blog.