Telekom Slovenije's Cyber Security Operations Centre is the most innovative security solution

this information security solution represents significant added value in ensuring cyber security in the Republic of Slovenia. Telekom Slovenije's Cyber Security Operations Centre is the most advanced such centre in Slovenia, where top experts use monitoring and analytical tools to manage security events 24/7/365. Telekom Slovenije uses the centre’s cyber security services both for its own needs as well as for other organizations and companies.

​The statement of the award emphasizes that "as cyber security threats will continue to increase, a fully functional security-operations centre is the heart of a good process for managing security incidents. Telekom Slovenije's Cyber Security Operations Centre is the central unit with highly advanced technology, supported by accomplished and certified processes and competent employees. This is the biggest security-operations centre in Slovenia, with processes focused on supporting three key areas: (1) business environment with an emphasis on business-information systems, (2) national security with an emphasis on critical infrastructure, and (3) state institutions and providers of essential services. It also ensures the security of personal data of individuals who are part of the organizational systems."

Telekom Slovenije completed its Cyber Security Operations Centre in 2018, and it is certified according to the ISO 27001 international information security standard. Telekom Slovenije has also obtained the ISO 22301 business continuity standard, which certifies it is capable to provide key services and processes under extraordinary circumstances.

"We have established a cyber response group, which can operate remotely or at the location of a client to provide cyber security support when an incident occurs. Experts at the Cyber Security Operations Centre utilize various advanced technological tools to analyse security events from more than 5,000 network devices and 5,000 termination points (i.e. computers, servers, etc.), which generate around 10,000 events per second for a total of about a billion events every day. The number of events has been growing proportionately with the number of devices and network points in an ICT system," noted Matjaž Beričič, ICT and Network Services director at Telekom Slovenije. He also pointed out that since the coronavirus epidemic has been declared this presented additional challenges: "The introduction of preventive measures also changed our way of work, while at the same time numerous other organizations and schools also switched to remote work and schooling. This opened many additional security aspects, and consequently in just past two months we handled about 1000 security incidents."

Telekom Slovenije's Cyber Security Operations Centre has detected and blocked more than 4000 different DDoS attacks in the past year, while the number of handled security incidents increased 10-fold in 2019 compared to the year before. The most frequent security incidents are malware (worms, trojans, etc.) and ransomware that attackers most often deliver to the victim through phishing attacks or software vulnerabilities. These are followed by DDoS attacks and loss, disclosure and/or theft of data. This is similar to global trends and developments.

This year Telekom Slovenije is planning to invest in upgrading technologies for advanced event detection, in-depth analytics, increased level of automation of operative processes and various security and intrusion tests, and will in the future invest in artificial intelligence security solutions. Regular activities also include training analysts and improving their competencies, updating rules and protocols (also through external reviews) and re-certifications. Security is in fact a process that spans over entire operations of a company or an organisation.

Telekom Slovenije’s cyber security services also include system security reviews, Microsoft services security reviews, compliance reviews, reviews of suitability of technical measures for protecting personal data, and other. The company also manages customers' IT infrastructure (network, servers, firewalls, personal computers), and provides a system for managing secure business mobility and business applications across all user devices.