COVER STORY
How do you ensure you protect your customers and avoid cyberattacks ?
We apply the same security principles and protections to our customers as we do to protect ourselves , but our approach can essentially be broken down into two elements .
For all our customers , such as home broadband and mobile users , we very much aim to be the most intrinsically secure network they can choose by ensuring that security sits at the heart of all our operating decisions and processes . We also provide a range of guidance around how they can stay safe online , for example with advice on how to identify and avoid scams .
Secondly , we also provide security solutions directly to private and public sector organisations via our BT Security unit . We work with a wide range of security partners to provide solutions that both protect their organisation from threats and enable them to securely adopt and reap the benefits of new technologies .
Has there been any change to how you manage security operations since the pandemic as more people work remotely ?
The past year has really shown the importance of telecoms networks , as they ’ ve proved vital to enabling so many aspects of life in lockdown . Our network and systems coped really well with the increased demand – with daytime traffic on our core network more than doubling in 2020 – but this also means that securing those networks becomes more important than ever .
We employed a number of operational improvements , such as increased endpoint monitoring and heightened monitoring for any unusual system access , data extraction or unauthorised software . However , one of the most significant issues that we identified was that as well as the technological and logistical challenge , there was also a massive behavioural aspect . The whole routine of going to work – getting dressed smartly , travelling to the office , using your passcard to enter , noting a CCTV camera and security guard – forms a mental process that subconsciously switches you into ‘ work mode ’ and puts your guard up . Contrast that to the daily reality of remote working . . . .
We quickly published security guidance that looked at how these changes can make you drop the security best practices that you ’ d naturally employ in the office . This ranged from a reminder of actions you need to take to stay secure accessing data at home , through to fundamental behavioural stuff like asking people to just take a second to pause and take stock of their actions before continuing .
What do you predict the future will hold for BT and the cybersecurity challenges you might face as a business , as you continue your move to the cloud ?
As more and more organisations make the move to the cloud , so too do the criminals looking to exploit them . The transition to the cloud erases traditional security perimeters and hugely increases organisations ’ attack surface , meaning they need to move away from enacting certain security measures just because they ’ re expected , or they ’ ve done so in the past .
In the cloud , tech choices can ’ t be taken in isolation ; it ’ s not just about
We also recognise the importance of ensuring all of BT ’ s circa 100,000 employees understand the behaviours they need to adopt to protect BT , as you ’ re only ever as secure as your weakest link .
solving one problem . The thought process needs to explore where this tech will fit into the whole — what it will connect to and how .
Strong cloud security comes from knowledge in three key areas : a sound understanding of how the cloud works ; the applications a business wants to use ; and the business ’ plans for moving forward . Organisations that have knowledge about all three can build in effective security faster , more easily and at a lower cost . u www . intelligentciso . com
53