ISD Internet Security Days 2015, Köln, Sep 17, 2015
Internet Service Providers (ISP) deploy and operate an array of diverse and fast changing technologies and services to provide cutting edge solutions to their private and business clients. Thereby they rely on a complex chain of suppliers for hardware and software. Many such components fulfill critical functions at the core of the ISPs business, and often the choice of the third party supplier is limited, for example for high performance networking gear or mobile equipment.
With the reliance on third party components the security and integrity of the supply chain is a concern to the ISP and customers alike. Recent revelations brought the integrity of such equipment to the attention of the public, as it has been demonstrated that hardware and software components can be compromised and backdoored with or without the consent or knowledge of the supplier.
Such events erode the trust in key deliverables of our business.