In this episode of Carrier 2.0, host Steve Saunders examines how AI is reshaping security for carriers and widening the threat surface. Cisco’s Tom Gillis and Martin Lund explain why nation-states are increasingly targeting network infrastructure and how security is being embedded into the network fabric itself.
Hawaiian Telcom’s Jason Thune highlights how regional carriers can out-execute hyperscalers, and Brightspeed’s Michel Combes discusses how BEAD funding is accelerating fiber build-outs to hundreds of thousands of new premises. Steve also tackles the question on everyone’s mind: is AI in a bubble, or just early?
Steve Saunders:
AI is changing everything in carrier networks from traffic flow to business models. But one thing that hasn't changed is the importance of securing those networks and the information they carry. It's just made the job harder.
Tom Gillis:
All the AI tools that we're using to automate the response, tackers are using to automate the attack.
Steve Saunders:
Welcome to Carrier 2.0, a podcast for carriers about carriers, their networks, and their businesses. In this episode, we're going to go deep on the security implications of AI workloads, the evolving telco threat landscape, and we'll detail the priority actions carriers need to take now.
Speaker 3:
All right. People listen up. There's a (censored) lockdown right now.
Speaker 4:
Oh, come on.
Steve Saunders:
Also on today's show, what can carriers do that cloud hyperscalers can't? Hawaii may hold the answer.
Jason Thune:
Well, the thing is the trillion dollar companies don't know how to get work done here in a place like Hawaii. We have to deal with permitting and pole attachment fees and going underground and dealing with the community. That's something that a local based company that Hawaiian Telecom does.
Steve Saunders:
And to bubble or not to bubble? Are AI boosters setting the US economy up for an imminent meltdown?
Speaker 6:
And, it's gone.
Speaker 7:
What?
Speaker 6:
The money in your account.
Steve Saunders:
Why the answer isn't as simple as you might think. Also, Brightspeed unlocks speed at last.
Michel Combes:
I can mention that we have been provisionally awarded more than the 560 million in federal bid programs funding across 18 states, which will allow us to unlock nearly 300,000 additional premises that we would not have done without bid.
Steve Saunders:
But first, AI security. And I talked to Tom Gillis at Cisco for an update on the AI security state of the art.
For me, the AI revolution is an edge revolution. Is the presets of Cisco's security philosophy, are they consistent in the core and the edge?
Tom Gillis:
We definitely do different things in those spaces, dramatically different things in those spaces, but here's the thread that ties it all together, is AI. You can think about it as the firewall is just melting into the fabric of the network. And it's not just of the firewall we know and love today. We're going to reimagine how that firewall operates, break it into a million little pieces and embed it into Cisco infrastructure.
Steve Saunders:
Everywhere?
Tom Gillis:
Everywhere. If you're going to have a million little tiny baby firewalls, you simply cannot manage that the way you manage traditional firewall. It's not possible. And so AI is the enabler that allows us to do these dramatically different things and put the right security in the right spot of the network where you need it.
Steve Saunders:
Are we talking about silicon here or is it all still in software?
Tom Gillis:
Well, the answer is it's a magical blend of the both. And so we can do a lot of amazing things with just software. And that software tends to focus on a technology we call EBPF, which is a interface in Linux that allows us to look into the beating heart of the operating system without actually being in the beating heart of the operating system. It is transforming how we do security for workload.
But as good as the EBPF stuff is, there's still a lot of places you simply can't put any software agents. And so having the ability to have a single system that can implement security and software, but also put it into the fabric of the network using Silicon, particularly Silicon One that powers our smart switch technology, that's something no other company in the world can do and I think is really transforming the way we think about security.
Steve Saunders:
There's been a lot of news. We're seeing it almost on a daily basis at the moment about state actors targeting carrier infrastructure-
Tom Gillis:
Where you're going with this? Yes.
Steve Saunders:
Yeah. I mean, what's Cisco's response? What are you doing about that?
Tom Gillis:
We take this very, very seriously. These very sophisticated nation state actors are targeting infrastructure. Infrastructure means switches, routers, firewalls, and load balancers. Who makes most of the switches, routers, firewalls, and load balancers that go into the infrastructure? Cisco. What we find is that why are attackers finding vulnerabilities in a load balancer or a firewall or a switch. And so the reason why attackers go after them is twofold.
The first is this is infrastructure and infrastructure can be tricky to upgrade. And so we have customers that are running software that can be ... One of the things they love about Cisco is they're like, oh my God, I've been running that catalyst switch for how long? A decade? Well, software has vulnerabilities. And so if you have a version that's two years old, there's going to be vulnerabilities in it. So infrastructure's hard to upgrade.
The second, and this is a more nuanced point, is that the whole security industry has been built around assuming that the end user is gullible and is going to click on that goofy link from the foreign prints that wants to give you money. And so that guy's still out there. And so all of our instrumentation is looking for bad behavior from a laptop. And so we're thinking about how can we make our infrastructure inherently more secure? How can we make it easier to update? How can we apply a compensating control to a switch or a router without rebooting that switch or router? This is in market today, it's young, but it's shipping now. It's what we call Live Protect. And so that is just the beginning of our journey for how we're going to transform the way that we can make the infrastructure itself more resilient and easier to manage in the cyber environment where the bad guys are targeting these devices.
Steve Saunders:
Okay. Let's take a break now from all that stress-y security stuff and talk to Jason Thune here in Hawaii about how his carrier, Hawaiian Telecom, is doing things that trillion dollar hyperscaler cloud operators can't.
How does a carrier like Hawaiian Telecom keep its strategic advantage against these trillion dollar companies?
Jason Thune:
Well, the thing is the trillion dollar companies don't know how to get work done here in a place like Hawaii where you have to deal with permitting and pole attachment fees and going underground and dealing with the community. That's something that a local-based company, that Hawaiian Telecom, we as well as a lot of locally based providers have the ability to move fast with permitting and getting fiber and connectivity in the ground so these large trillion dollar companies don't have to deal with it.
Steve Saunders:
Give me an example of that. What's a problem that you've solved that a mainland carrier perhaps would've really struggled with?
Jason Thune:
Well, the biggest thing in dealing with the state of Hawaii is they have some environmental rules dealing with what they call shoreline management area. You can't just go and start digging up an area that's close to the shore or stick a pole in, in the middle of nowhere. There's a process that needs to happen. And it can take anywhere from six months to well over a year. In some cases, we've had to deal with that too. That doesn't necessarily meet the timelines of a lot of our customers or what the industries are demanding. So when you have existing infrastructure in place, that's a really quick way to bypass a lot of the permitting processes.
Steve Saunders:
And that's an essential component of your strategy, which is to provide fiber everywhere. And I mean, once you've done that, what's next? I mean, do you move up the stack into new services and capabilities to put on that infrastructure?
Jason Thune:
To your point, once you have the fiber in the ground, the possibilities are endless. So probably the next step for us is really getting rid of our old legacy copper-based infrastructure network and services and get everybody on there. And that's more of a transformational network type of initiative. But when we talk about external with the customers, it's really giving them the connectivity where they want when they need it. So it's not just, hey, broadband to a consumer or business. But there's a lot of things out there dealing with internet of things and remote sensing. Of course, along with AI, that's really going to drive the need for more fiber dense applications. And the only way to have that is have that fiber right there.
Steve Saunders:
Let's talk about the AI bubble. A recent Bloomberg infographic showing AI vendors passing billions of dollars between each other split the room. Now, half the crowd thinks it shows a healthy flywheel. The other half thinks it's a time bomb, proof we're inflating a hyperscaler driven bubble big enough to crash the US economy when it pops. I've been in camp AI bubble for a while now, but with a very important caveat. Let's be honest, the quantitative red flags are everywhere. NVIDIA briefly brushed a $5 trillion valuation in October. That's a logic bomb waiting to go off.
Today, NVIDIA looks like a monopoly, but those GPUs have a three-year shelf life before AMD, Intel, Qualcomm, Google, Amazon, Meta, Groq, Cerebras, and Huawei SuperPoD all roll up to crash that particular party. Then there's OpenAI planning to spend $1.4 trillion on infrastructure against just 20 billion in revenue. And of course, Palantir, sitting at a price to earnings ratio of 690. Well, when their executives react scrutiny like this, you know you're in bubble territory.
Speaker 9:
I love the idea of getting a drone and having light fentanyl laced urine spraying on analysts who've tried to screw us.
Speaker 10:
Brad, if you want to sell your shares, I'll find you a buyer.
Steve Saunders:
So why am I not despairing? Well, first, not all bubbles are created equal. This AI bubble looks a lot more like the optical networking bubble of 2000 than the subprime apocalypse of 2008. The fiber optic market eventually came back. The demand was real. It was the timing that we got wrong. Now, exactly the same thing is happening with AI. AI is transformative, but its real impact will arrive after the bubble bursts and in ways that have nothing to do with today's AI hype metrics.
So how should carriers, vendors, and investors navigate this attenuated timeline? Well, first, do your own homework. I'm here in Western Australia, filming a mine running 36 autonomous 400 ton trucks over private 5G. What that tells me is that Industry 4.0, which includes AI, is not a fantasy. It's happening. But if you can't see where AI fits in your business today, maybe just don't go all in on it yet. Secondly, stop listening to the AI vendors. Sam Altman, for example, isn't the magus of AI. He's just the guy who made AI accessible to regular Joe's. He's literally the AI chatbot guy. Don't let him set your strategy.
Sam Altman:
I think this is a significant area of concern.
Steve Saunders:
Yes, this is an AI bubble. No, it's not the end of the world. AI's long-term value is very real, very transformative. And when the dust settles, the winners will be the ones who stayed calm, stayed smart, and did the work.
What's happening with BEAD? Do you feel that that's going to arrive and is it going to support your business?
Michel Combes:
Definitely. From the moment we launched Brightspeed, we have been working to augment our multi-billion dollar investments by leveraging the different subsidies which can be coming from states or federal. I can mention that we have been provisionally awarded more than the 560 million in federal bid programs funding across 18 states, which will allow us to unlock nearly 300,000 additional premises. When I take the ones which are fully subsidized and the one that we will pass through to go to those premises that we would not have done without bid. What we grabbed from the previous program, that's basically 850 million of subsidies, which will have allowed us to unlock up to 600,000 new premises in our footprint.
So I would say that's a massive program, which is extremely useful and which is very consistent with what we are trying to achieve is bringing the best broadband connectivity in places which don't get it today.
Steve Saunders:
Back to security. I also talked to my friend Martin Lund at Cisco about how it's tackling security in its hardware.
Martin Lund:
As AI rolls out to the rest of the world, we have it in our wifi. Access point, we have it in cameras, we have it at the edge of the network. So AI is definitely the macro theme. And I find that the insight that I think is dawning on many people more and more is that without networking, there is really no AI. We can't really function. It can't get the data. It can't interconnect the GPUs that will do the computation. So networking and secure networking is essential for that whole drive.
Steve Saunders:
But it also presents some unique challenges, doesn't it? Because with this agentic AI wave of technology, which is coming particularly to the edge of the network, it's completely changed the order of the color and the shape of the traffic on the network. Now it's not asynchronous, it's fully synchronous. You need the same capacity going up and down, but also across end-dimensional. How are you tackling that?
Martin Lund:
One of the first things is it has to, of course, to be reliable and then you need to be able to manage it. So that's kind of the stack layer diagram if you think of it. When you think of physical AI, it being the next wave with robotics and so forth, they're going to have their own networking requirements and security requirements that we are anticipating right now in our architecture work. The scale of the bandwidth that is needed for what we call scale across, meaning between data centers is so mind-blowing, is accelerating a pace that is unbelievable. It is mind-boggling.
Steve Saunders:
The different challenge though, isn't it? That's sort of a data center challenge versus the edge network challenge, but you have to be able to tackle both and manage both, I suppose. And that's one contiguous architecture and one contiguous security implementation with Cisco, is that right?
Martin Lund:
We think of this as one unified architecture that is required. You can't just say, "Oh, I have a specialized one for here and another one that's over here." Because history have said that these specialized networks are rarely, they can't keep up evolution. And that's why everything has converged on IP network and TCP IP network and ethernet. What is new is that we're building the entire stack.
Steve Saunders:
And finally, I leave you with a scandal, actual footage of me getting thrown out of a store in Beijing.