Information Security Challenges in Telecom Michael T. Clark, Ph.D. CEO 13 October 2004

1. Information Security Challenges in Telecom Michael T. Clark, Ph.D. CEO 13 October 2004 Safe Harbor • Neither the information nor any opinion expressed in this presentation constitutes an offer, or invitation to make an offer, or to buy any security issued by the company. This presentation contains predictions, estimates or other information regarding the Company's operations which are forward looking in nature. While these forward looking statements represent our best current judgment on what the future holds, they are subject to risks and uncertainties that could cause actual results to differ materially and may involve risk and uncertainty. This presentation is prepared for general purposes only and does not have any regard to the specific investment objectives, financial situation and particular needs of any specific person. No liability for any loss will arise with the company as a result of the action taken on the basis of information contained herein. • For a discussion of the risks and uncertainties that may cause results to differ, you should review GTL’s filings with stock exchanges, including the annual report and quarterly disclosures. www.gtllimited.com

2. The telecom networking environment • Explosion in the sector with advancements in cellular, wireless and satellite technologies. • Emerging markets race to bridge digital divide. • Proliferation of IT and telecom technologies; integrated networks replacing dual systems. • All critical infrastructure in a country – power, government, finance, healthcare and education – depends heavily on converged telecom and IT.

3. Transformation of business process Source: Businessworld, 4th Oct 2004

4. APPLICATION CONTENT COMMERCE e-enabled business environment The security framework and tools to organize, manage and deliver content, services and process • Support • Infrastructure • CRM • Financials • Logistics- SCM, B2B, Extranet • Operation/Program Head • DSS–SLA compliances • Information support • Resource management • B2C Portal • Visitors/Clients • View information • Access B2C services • Compliance • Network • Data storage • Log analysis • Physical security • Knowledge transfer • Application • security • Data security Visitor Billing Value add services Workflow

5. Current India scenario • 5th largest network in the world, second largest among emerging economies (after China). • Annual growth rate of 20% in basic telephone service and over 100% for cellular service. • Increase in teledensity from 7.8% (June 2004) to 15% by 2010. • Investment requirement at least US $70 billion by 2010 with the current CAGR. Source: TRAI

6. SIM card vulnerability – even encrypted SIM cards susceptible to duplication. Jamming in cellular frequencies. SMS vulnerability – corrupt messages transmitted to handset and gateways crash software and corrupt SMS packets. Traffic interruption and monitoring in WI-FI network leads to unauthorized access of signals. Hacks get access to credit card transactional information – a vulnerability in General Packet Radio Service (GPRS). Abuse of database by third party service bureaus. Key IS challenges 

7. Lack of secured Storage Area Networks leads to data loss and unauthorized disclosure of sensitive data. System dependency on internet technologies results in illegal intrusions, disruption, disablement and corruption of critical infrastructure. Open architecture challenges privacy, safety, integrity and processes. Vulnerabilities in wireless networks…microwave systems; TDM/GSM/CDMA cellular; WLANS. Key IS challenges - continued

8. IS support layer Management and third party • Audits • Compliances Decision support • Encryption • Messaging solutions • Authentication solutions • Content security • Transaction security • IS policy enforcements Application support Internal security • Secure VPN • Anti- virus solutions • Firewalls • IDS • Vulnerability assessment • IS planning Network support External security

9. Securing open networks – primary responsibility. Framework for success: Manage security threats ISMS implementation Recognizes IS as a major part of Information framework Evolve with changing environment Vigilant about change Assigning responsibilities: service partner

10. Foster effective legal, regulatory and enforcement framework to stimulate business. World Bank’s four pillars of public policy for electronic security: Legal and regulatory framework; electronic transactions; laws governing legal validity; security of payment systems; data privacy and its impact; money laundering External monitoring of e-security practices Managing digital identities Precautions in network, applications and process compliances Indian telecom laws and regulation. Assigning responsibilities: regulator

11. Strengthen best practice regimes:Indian security standard. Public private partnership. Engage international agencies and institutions on IS. Develop Indian brand-identity at highest level of IS. Assigning responsibilities: industry

12. Telecom players will focus more on embedded security – integration becomes easier. Transactional security will be the key offer in the full-fledged security solution market bundled with security point-products. Telecom (bandwidth) service providers will implement full-fledged IS management system. Security outsourcing would enable service providers to focus on their core-competencies. Uniform regulations for converged environments; harmonized international IS regimes. IS business drivers ahead…

13. THANK YOU www.gtllimited.com