Protecting your organisation against ever-changing cyber threats
EMBRACING technology is creating a myriad of opportunities for companies to grow. The rise of cloud, big data, IoT and artificial intelligence have led to more collaboration, increased productivity, and the ability to understand and respond to your customer’s needs better than ever before.
But it can also open the door to unwanted guests, who potentially will wreak havoc on any size of business - unless you’re prepared to expect them, at any time.
The threat landscape is increasingly complex. The sophistication and know-how of those who want to manipulate or steal your data, compromise your email or plant a virus and hold your internal systems to ransom is developing all the time.
Steve Benton, Director of Security Programmes, BT Security shares his insights into key themes around cyber security at the recent Innovation 9 event in Belfast
These are criminals in an industry that innovates at lightening pace. Cyber diligence is crucial for firms that want to protect their customers, their reputation and their bottom line.
Ransomware is increasingly insidious. The means by which it gets into organisations; phishing emails for example, are getting better at fooling people.
Criminals are designing bogus emails that look like they could be from one of your business contacts, including your internal company contacts.
Data leaks are likely to rise too. At BT we do a lot of research into the murky reaches of the internet. Members of our team use “personas” on the dark web. This type of threat research is important to keep our customer’s data safe. For any business pre-emptive intelligence is paramount.
In BT we have a multi-strand approach. As a global network operator we invest heavily in research into understanding and staying ahead of the continuing evolving threat.
You may have heard of big organisations “playing cyber war games” to test their response to a data integrity attack. At BT we have trained and deploy a ‘Red Team’. They act like the very best criminals and nation state actors to attack us and test how effective our defences are.
We have invested in and deployed our own ‘cyber cloud’, which constantly probes our internal and external networks both for our benefit and our customers. If you understand the traffic around your infrastructure you have an early warning if something suspicious arises.
As a result we have generated a huge amount of information and have developed a big data cyber security platform. This assists our analysts to find suspicious activity fast and investigate quickly - moving at the velocity of the incident is critical when you are under threat. Ultimately around cyber security you need to be proactive.
Here are some questions and practises you and your organisations could start to put into place.
Firstly, how do you asses the cyber risk and what are you doing about it? Do you have an up to date policy in place?
Be a learning organisation. Review the incidents that have happened. Did the right people make the right decisions? It may serve you well to create a play-book so people know exactly how to respond and even practise to prepare for incidents.
Recognise that you’re not brilliant at everything. Work and partner with organisations that understand cyber security, they can bring their experience and the knowledge that you need.
Finally be vigilant. The scale, frequency and sophistication of cyber-attacks is increasing all the time. Vigilance is vitally important and it needs to be intelligence led. In this fast-changing threat landscape don’t be an organisation that is left exposed.
For further news and insights, join our BT Business & Public Sector Network in Northern Ireland LinkedIn group.
Steve Benton is general manager of cyber & physical security operations & programmes at BT Security