SAN FRANCISCO – Nokia could be seen as just one of hundreds of security vendors at this week’s RSA Conference, but the one-time paper producer said its deep telecom history and knowledge makes it unique amongst the cybersecurity masses.

Rodrigo Brito, head of cybersecurity for Nokia’s Cloud and Network Services, told SDxCentral in an interview that the vendor brings a focus on a telecom network’s “topology” that allows it to stand out from the crowd.

This includes knowledge of this topology in a three-dimensional way that allows Nokia to map the security incidents into the different instances of the network function slices “and be able to know and identify where those incidents are actually hidden,” Brito said.

Brito explained that Nokia views the telecom security space as having three different segments.

The first is security as it’s defined by standards, which he said were the security features that were thought of when the standards were being defined.

The next is product security, which are the security processes vendors have in place to deal with vulnerabilities in those products.

And the final is secure operations, which is the security posture in place after a network is deployed. This is the space where Nokia targets its security offerings.

“After we deploy the network with safe network elements, with the standard features enabled or disabled as per an operator’s wish, how can we operate it in a safe way,” Brito said.

Nokia tackles this challenge with several security features that a customer can access and manage through a security threat dashboard. This is a numerical ranking that takes into different security threats Nokia’s analysis software gleans from different deployments.

“We are able to determine what's the probability of a certain function to be successfully attacked by calculating the threat score, and that's also based on the value of the network element from an attacker perspective,” Brito said.

Brito cited the carrier’s launch last year of its extended detection and response (XDR) service that included deals with AT&T, Dish Network, and T-Mobile Netherlands.

That was followed by the launch later in the year of its Cybersecurity Dome product. That product uses a combination of machine learning, endpoint detection and response (EDR), and automation and response (SOAR) to allow communications service providers to monitor, detect, and automatically remediate security vulnerabilities. Nokia quickly added these cybersecurity features to its managed software-as-a-service (SaaS) platform.

“Public and private networks, critical mission networks are our specialty,” Brito said. “We are not going after all the verticals and that's how we differentiate from the other vendors here because the other vendors will try to make it as generic as possible, as flat as possible, so that they can serve the bank at the same time they serve the hospital and they try to serve the operator. But they won't come with 5G topology awareness on their systems that are targeting an IP network. They won't have a research team investigating 5G incidents on the 5G level. And that's the value proposition that we can bring. And that's why our customers value us because we do have something different than the other security vendors.”