Industry Thought Leadership

Data Privacy Importance at stc

March, 2022

Issa Al Suwait
Cyber Security General Manager

stc Kuwait

Data privacy is the concept that governs the activities of accessing, handling and storing the sensitive information or data. With different levels of data criticality, to organizations all the time will be the most sensitive are the personally identifiable information (PII) of any category (customer, employee, citizen…).

While data protection covers all the aspects Data privacy is a subcategory which cover the ethical and legal obligations to control the access to the PII information.

Importance of data privacy
The phrase “data is the new oil” With the fact of Data is the crown jewels to any business and organization at

Nowadays digital era, makes the protection and privacy of these jewels is one of the most critical missions at the organization level, while Data is the business to some organizations, it is the source of competitive advantage and the core operations asset to others.

There are many drivers for why data privacy has significant importance to all organizations.

The main drivers are:

Business continuity dependent on data security and privacy
Business image and reputation
Regulations and compliance requirements.
Organization code of ethics
A professional mature privacy policy gives the edge over competition.
Mitigation of the data breaches involved Risks

Why data privacy is critical to Telecom operators?
Telecom operators are one of the biggest collectors of sensitive information at the country level. With millions of customer’s personally identifiable information (PII) and their financial information of payments and transactions, telecom companies are constantly targeted by cybercriminals.

But such attacks are not the only concern to telecom operators when it comes to data privacy. PII and customers financial information are also protected under multiple data protection laws and international standards. Starting from the local data privacy, protection and classification regulations published by CITRA in Kuwait as example, up to the EU General Data Protection Regulation (GDPR), in addition when it comes to financial information, the Payment Card Industry Data Security Standard (PCI DSS) enforce additional layer and requirements to implement and comply with.

For all these reasons, data privacy and protection should be a main concern to any telecom operators all the time.

Data privacy at stc
Stc as a leader in the Kuwait state telecom industry took the data privacy a step further by early adoption of a strict data privacy and protection framework, the framework developed with consideration of compliance with the local, regional and international data protection laws and international standards.

The framework developed as top-down model, detailing the core pillars for data privacy and protection from governance level down to the advanced technical level controls and all in between of process, policies and procedures.

To ensure stc network security and data as the crown jewels asset of the network an agile cybersecurity strategy has been developed and adopted to address all the data Privacy threats looking beyond standard and traditional cyber security controls and safeguards to a more profound level such as adoption of Zero Trust architecture and a data-centric approach to cybersecurity.

Limiting sensitive data transfer comes first
In cyber security domain it’s well-known that the human factor is always the weakest link a cross the whole chain.

Whether they have been compromised by malicious outsiders or unintentionally a careless step away from a data leak, insider human threats are a very serious security concern. Telecom operators can limit the impact of such data breaches regardless intentionally or not by implementing Data Loss Prevention (DLP) solution with an integrated classification system.

A second layer of detecting, limiting sensitive data transfer and preventing data leakage can be added at the network data traffic level by implementing a Network Detection and Response solution,

Develop and implement the required and desired use cases and controls.

In conclusion
The powerful high-speed 5G networks, Internet of Things (IoT) and artificial intelligence (AI) significantly transforming the way people work and live, as their daily life activities rely more and more on data. The most of these data transferred across the Telecom operator’s networks and systems, for this and all the aforementioned ensuring the privacy and protection of the customers PII information and all other sensitive data must be part of any telecom operator DNA if it’s not already.

ATTENTION

Leaders' Summit 2024

13^th May, 2024 | Dubai, UAE
“Evolving toward Integration, Intelligence & Sustainability in Infrastructure”
SAMENA ELITE

Jan-Mar, Volume 01, 2024
The Case for Fixed Wireless Access
Industry Reports

RIPE NCC | Unlocking Digital Growth: The Role of Internet Exchange Points (IXPs) in the Middle East
February 2024

EDISON Alliance
Impact Report
January 2024

The research on the trends of Data Communication Network for 2030
Network Evolution towards 5.5G Era (Net5.5G)
October 2023
Press Release

SAMENA Council’s Leaders’ Summit 2024 to be Held in May in Dubai; Multiple Industry Sub-Forums & Bi-Laterals to Foster Multi-stakeholder Inclusion

Salam joins SAMENA Council to elevate the digital services landscape in the Arab region

UNDP and SAMENA Telecommunications Council forge digital alliance to accelerate progress on digital-led sustainable development in the Arab States
SAMENA Trends

December 2023
On the Path to Innovation & Sustainability
ITU World Radio Communication Conference 2023 (WRC-23)

Dubai, United Arab Emirates, 20 November to 15 December 2023
SAMENA LEAD Awards

Leadership & Excellence Awards in Digital-development
Latest Video

ITU INTERVIEWS @ GSR-23:
Mr. Bocar A. Ba
CEO, SAMENA Council
IAGDI - CRO Chairman

SAMENA Council Leaders' Summit 2023 | 15^th May, 2023 - Dubai, UAE
Promo
Press Release

Industrywide Dialogue on Digital Competence, Secure Cyberspace, Sustainable & Green ICTs, and Emerging Digital Ecosystems across Economies to Ensue on May 15th at the SAMENA Council Leaders’ Summit 2023 in the UAE

SAMENA Council, in strategic collaboration with the ITU, Saudi CST Commission, and leading Telecom Operators, to hold the Industry's first “RISE” Conference on January 11th 2023 in Riyadh

SAMENA Council Advocates Enablement of Sustainable ICT Environment to Overcome Sustainability and Climate-action Challenges
SAMENA RISE 2023

11 Jan, 2023 | Riyadh, Saudi Arabia
“Sustainable ICT Development:
The Future of Digital Visions & Cross-Industry Innovation”
Latest Member Updates

e& Carrier & Wholesale launches Roaming-as-a-Service for mobile operators and IoT providers to provide off-net connectivity
View Details

Huawei to demonstrate cybersecurity leadership at GISEC Global 2024
View Details