CASE STUDY
We know , though , that there is no such thing as 100 % security and that criminals will constantly invest and innovate to create new attacks . That ’ s why we run regular ‘ black swan ’ events to test our defences and see how they really stack up against a cyberattack . We also make use of our excellent Offensive Security team , who we give the remit and latitude to stress test all aspects of our security .
How would you suggest organisations can gain control of complex IT systems and ensure security is the responsibility of the business ?
Visibility of your IT estate is absolutely key . Most organisations have grown organically over time , adopting a mix of systems from a range of vendors , which makes it hard to fully identify your vulnerabilities and risks . After all , if you don ’ t know what you have , how can you protect it ?
cCan you give an overview of your role at BT and the scope of your responsibility ?
My job is to ensure that BT can detect , protect and recover from cyber and physical attacks in the UK and across the globe . This means looking after our people , data , infrastructure and buildings across both the real and virtual world . Of course , this is an extremely difficult task . The scale and pace of threats are constantly growing , especially as criminals continue to realise the returns that can be made at relatively low risk . At the same time , we ’ ve seen nation state activities increase and expand , with huge effects , and more ‘ traditional ’ lone hacktivists are as busy as ever .
This often becomes a critical issue when a significant security incident happens in the news , and ‘ do we have one of those ?’ becomes the most common refrain . Taking clear steps to assess your assets ( not just the devices and systems , but also their patching status ) and then putting in place clear protections based on this knowledge , is crucial for successful security .
We also recognise the importance of ensuring all of BT ’ s circa 100,000 employees understand the behaviours they need to adopt to protect BT , as you ’ re only ever as secure as your weakest link . That ’ s why we run a comprehensive programme to ensure they all have the tools and understandings that ensure they ’ re acting as securely as possible .
Ultimately , we ’ re in a constant race between cyberdefence and cyberattack , and to be successful in my role I have to make attacks against BT expensive , dangerous and worthless for our adversaries .
How does BT exercise cybersecurity to ensure it operates with a robust infrastructure ?
BT is on the receiving end of an average of around 6,500 attacks every day , so we have to use all the tools at our disposal to protect our operations , people and customers . We employ a proactive security strategy that holistically monitors and scans for any threats across our estate . As part of this , we enact multiple layers of protection to identify and stop attackers , and use AI and Machine Learning capabilities to hugely improve our ability to detect anomalies and predict threats , significantly reducing the time taken to respond to attacks .
Can you highlight any recent examples of when you have overseen a technology implementation / worked with a vendor to enable an enhanced cybersecurity posture ?
As COVID-19 hit last year , BT Security had to rapidly scale up its security capabilities around remote working . As part of this , we worked with CrowdStrike to employ enhanced Endpoint Detection and Response ( EDR ) across BT to help secure our devices , cloud systems and the network as a whole .
We didn ’ t expect to be able to deploy CrowdStrike ’ s technology at the scale and pace that we did during this period . We went from zero servers to tens of thousands covered in days and weeks , rather than the months expected , breaking all rollout records . We also worked closely with the CrowdStrike team to ensure secure connectivity out to the cloud was achieved
64 INTELLIGENTCIO EUROPE www . intelligentcio . com