How Turkcell Uses Picus to Ensure Continuous Threat Readiness and Cross-Team Collaboration

Introduction

Telecommunications have become an integral part of our daily lives.

Telecoms have become a fundamental part of our lives - not only for individuals to stay connected, but as the backbone for our economies and business infrastructures. Thus, for telcos, connectivity is the number one imperative. The potential consequences of a disruption of services can range from a simple network disconnection to complete territorial outage. Furthermore; telecom operators evolved into being providers of content and online services where large and versatile IT and application systems are required. This makes telecom operators even more attractive targets for cyber criminals.

The Customer

With close to 50 million customers in five countries, Turkcell is one of the world's leading digital operators.

Turkcell is a digital operator headquartered in Turkey, providing customers with a unique portfolio of digital services including voice, messaging, data and IPTV services on its mobile and fixed networks. Founded in 1994 as Turkey’s pioneer mobile service provider, today Turkcell Group companies operate in five countries serving close to 50 million customers. In parallel with the dynamics mentioned in the introduction section, Turkcell offers a variety of custom applications and content to its subscribers. In order to manage such an extensive network and an ambitious service portfolio, Turkcell manages a large scale, world class, state of the art network.

Abdurrahman Şakar
Offensive Security Manager, Turkcell

"As the offensive security team our job is to find the answer if we are ready against evolving and new adversarial campaigns. We conduct various red team exercises and the insights provided by Picus helps us design the most relevant scenarios.”

Digitalization widens the attack surface

“We have been working towards differentiating telecom and digital services we provide. Currently we are offering more than dozens of digital services including online messaging, cloud-based file management system, a TV platform, music streaming service, and domestic mail. This makes our job even more difficult as we are now preparing ourselves for the threats against both the telco and the classical IT infrastructures.” says Abdurrahman Şakar, Offensive Security Manager at Turkcell, and continues "when it comes to cyber security, telecommunications is one of the most targeted industries".

A complex environment managed by an army of security professionals

Turkcell owns and runs one of the -if not the biggest- telecom networks in its geography of operation. This large, widespread and diverse infrastructure houses a number of IT and network technologies in addition to the innumerable number of telecom equipment. This colossal infrastructure is protected by a number of security technologies including firewalls, intrusion prevention systems, web application firewalls, proxies, security information and event management (SIEM), endpoint detection and response (EDR), security orchestration, automation and response (SOAR) and vulnerability managers. These security technologies are operated by hundreds of security professionals, working in dozens of separate and specialized teams from IT SecOps, SOC, offensive security to application testing, access and identity management and compliance

Abdurrahman Şakar
Offensive Security Manager, Turkcell

“We use Picus to create common ground between the IT SecOps, Offensive Security and SOC teams. The offensive team uses Picus threat library to simulate the APT scenarios, the results are then analyzed to pinpoint the gaps in the security controls.”