Interview with Florin Popa, B2B Director at Orange Romania

In order to understand Orange vision in the cyber security field we’ve asked Florin Popa, Business to Business Director at Orange Romania a few questions.

Florin, could you please tell us more about your experience at Orange Romania?

One of the great things about Orange is that in 14 years since I have joined this team, the company has evolved from a mobile operator to a supplier of solutions that helps businesses to fully embrace digital transformation. One of my main challenges and accomplishments is that the business products that we have developed not only connect our customers, but they provide ways to increase productivity, revenues and competitive advantage, transforming us in growth enablers for the businesses of our customers.

What is the approach of the mobile operator in terms of cyber security needs for both SMEs and enterprise?

Orange Romania is the only telco provider in Romania that offers to organizations fully managed services of cybersecurity. Our approach focuses on a complete range of solutions that covers all the impact zones of an organization: mobile internet access, fixed internet access, data center, IoT, Smart City, BYOD/BYOT.

Let’s imagine the following picture: I’m a company who is looking for security services and solutions. I never had any interaction with an IT security provider. Can Orange help me? If so, how?

Definitely Orange can help you, no matter the specific of your company’s domain: governmental, public administration, education, transport services, retail, financial, utilities, e-commerce etc. We offer a proactive service of Security Operations Center, Security Audit, Penetration Tests and also a Code Review service, that corrects the vulnerabilities of an app., web page, e-commerce site or e-commerce app.

Orange recently launched Business Internet Security Threat Map. Could you please tell us more about this product as it’s a premiere for the Romanian Market?

Business Internet Security Threat Map was developed for Orange by the BIT SENTINEL team and offers a visualization from a high overview perspective of the data gathered from the Orange Romania Business Internet Security agents deployed across Romania.
We hope this tool will help more people to understand the challenges posed by cyber-attacks and will encourage dialogue about how we can work together to reduce the threat of cyber security incidents, improving the business security and the safety of our clients’ businesses.

What are the main differences between Business Internet Security packages?

We currently offer 3 types of Business Internet Security packages: Basic, Standard and Professional. All of them include advanced protection and control solutions and also periodical reports on your internet connection status.
The most complex package, Business Internet Security Professional offers additional functions, such as: detection and blocking of intrusion attempts, personalization of intrusion signatures, and consultancy for security policy or manual optimizations according to specific threats.

Cyber security is a field which needs continuous learning and training of the staff. How is Orange handling this challenge? What is the staff expertise?

Indeed, Cyber security is a dynamic domain. We have in-house developed competencies and certifications, including security for IoT and M2M devices. Also, at group level, we gained further expertise after the acquisition of two companies specialized in cyber security: Atheos, integrated in Orange Cyberdefence Division and the threat intelligence provider, Lexsi.

Could you describe what is the company’s vision and approach in terms of cyber security? What means are you using to raise awareness in the Romanian market?

As previous stated, we have a holistic approach in terms of cyber security. We are actively involved in education of the young generation in terms of security risks posed by the online environment and methods of prevention of cyber-attacks.
That’s why we launched Bug Bounty initiative, an important competition that takes place at DefCamp and that is based on identification of BIS vulnerabilities and responsible reporting of these vulnerabilities.
Also, we are partners in training programs and renown security events such as European Cyber Security Challenge and Romania Cybersecurity Congress.

What should attendees expect from Orange Romania during DefCamp 2016?

The reason why we are here today is because we know that Internet and connectivity are now the new electricity that shaped world in what we know today, since the industrial revolution. Connectivity is not shaping only the organizations. The world is talking about sharing economy and the core of this shift is connectivity And networks are the backbone of this tectonic shift in which organizations and consumers find themselves. We talk about smart cities, about Internet of Things, about big data and the aggregator and the common denominator is the network Orange is committed to offering its customers, both business and end consumers the connectivity to reach their goals in this transformation process. In this equation of digitalization, Orange is an enabler, integrating solutions to anticipate and answer to the ever growing needs of connectivity. But in order to ensure connectivity, we also have to ensure security. And the threats are ever-growing.
In this context, Orange has to invest in increasing the security of its users. Therefore, we have made decisive steps:

1. 1. Security by design – a new way in which Orange elaborates its mobile and fixed products and services for residential, business and public sector segments. This concept is addressing also the new comers such as: Orange Home, Orange Smart Home and Orange Smart City.

1. 1. Security expertise and experience: Orange offers “fully managed” cyber-security services for organizations.

1. 1. Know How – we have multiple certifications in cyber-security, covering areas such as industrial IoT/M2M, data centres, wireless . In order to achieve this level of expertise, Orange Group acquired two companies specialized on cyber-security – Atheos – that is now part of Orange Cyberdefence and Lexsi (threat intelligence provider)

1. We are the only telco operator to offer:
   • A proactive service for Security Operation Center
   • Security Audit, Penetration Tests and Code Review – to collect vulnerabilities from app, web pages and e-commerce apps.
   • We are the only operator to have launched a real time threat map
   • We are the only telco operator to have initiated a Bug Bounty competition within DefCamp back to 2015, together with Fortinet
   • We are actively involved in rising awareness and educating the young generation regarding the threats and security risks: European Cyber Security Challenge, Romania Cybersecurity Congress, DefCamp – Bug Bounty, Innovation Labs
2. Partnerships with trusted organizations and start-ups from the cyber domain for a safer digital experience. Orange has partnerships with companies such as Fortinet, BitDefender and Kaspersky to secure the mobile and the fixed internet accesses for our customers, while Bit Sentinel and Cyber Smart Defence are helping us to provide professional security audits and penetration tests to benchmark the security compliance of our business solutions.