Barbarians at the gates! BT launches new Managed Security Service as cyber-attacks proliferate

Martyn Warwick
By Martyn Warwick

Aug 5, 2021

  • UK businesses now being hit every 45 seconds
  • Corporate and public sector organisations are at severe risk
  • Increased incidence follows switch to remote working during the pandemic
  • New service works both on premises and in the cloud and is designed to stop attacks before they happen

Companies and organisations across Britain now face more online threats than ever with cyber-attacks taking place every 45 seconds, according to new government figures - and it’s getting worse. To help counter these pernicious incursions, BT, the UK’s incumbent carrier, has launched a new Managed Security Service aimed to provide greatly enhanced levels of security and network resilience for corporate and public sector customers and to protect them against increasingly sophisticated offensives.

The main reason behind the massive increase in cyber-attacks is, of course, the Covid-19 pandemic. Almost overnight Britain’s office workers (and many others) found themselves locked-down and working from home, often in far from ideal environments. Apart from the family disruption attendant on moving to work in spare rooms, setting up a mini-office in a bedroom, kitchen, a living room, a garage, in a garden shed or turfing Harry Potter out of the cupboard under the stairs to make room for a stool, a laptop, a lamp and an Internet connection, remote working meant personnel had to take home their company-provided computers and other communication devices and network connection and access equipment - and that massively increased the number of online threats and assaults.

The management of complex security systems and architectures is hard enough at the best of times but during some of the worst of times since the Second World War (and even longer ago than that) the task has been horrendously difficult. Unsurprisingly, the incidence of DDOS and ransomware attacks, phishing, whaling and many other scams has risen sharply since March 2020 and 60 per cent of UK companies have reported cyber-incursions. It is not known how many more have suffered in silence being too concerned about their public profile to admit to frailties in their cyber-defences.

The new service is from BT’s Enterprise Business Group and will provide customers with proactive monitoring to identify suspicious activity in a client’s IT environment and block threats and attacks before they happen. Furthermore, as UK businesses continue to migrate to cloud-based operations, BT’s Managed Security Service will also monitor both on-premises and cloud infrastructure to manage risk more effectively and expeditiously, irrespective of how companies connect to their staff, be that in offices, to mobile workers, to the cloud, or across multiple locations locally, regionally and globally.

Telco puts security at the top of its 'to do' list

Only two weeks ago, BT took a multi-million dollar stake in the Silicon Valley cyber-risk management company Safe Security and the telco's CEO Philip Jansen told the media and analysts that cyber security is now at the top of BT’s agenda for enterprises and organisations that are constantly fighting against increasing numbers and levels of attack. Today’s announcement is more evidence that the national operator regards security solutions as an important and lucrative sector. 

The potential is evident, as is the investment BT is making. The new Managed Security Service will be managed and delivered by a dedicated and highly-qualified team and backed by products and services from a range of market-leading security providers including CrowdStrike, Palo Alto and IBM.

Among BT’s security products and services are Managed Endpoint Security (ESC), a cloud solution that utilises cyber-threat prevention, detection and response capabilities to protect endpoint devices (such as laptops and servers) wherever they are located. Another is Managed Embedded Security Controls, which deliver end-to-end threat prevention-as-a-service directly from BT’s proprietary network. ESC works by introducing a converged solution compromising multi-tenanted nodes of best-of-breed next-generation firewalls embedded into BT’s network and delivered to the customer through the cloud. 

A third solution is BT Cloud SIEM (Security Incident and Event Management), which is a complete and comprehensive cyber threat protection service that collects logs and events from the customer’s entire security estate and correlates them with external threat intelligence feeds to provide contextual, actionable alerts through a single screen point of reference. BT says this is applicable to any industry looking for centralised collection and analysis of logs and events of security incidents.

BT already employs some 3,000 security specialists and routinely protects its own infrastructure and networks from attacks by individual cyber criminals as well as organised crime and state-sponsored actors. Commenting on the launch of the news service, Dean Terry, MD of BT Enterprise’s Corporate and Public Sector unit, says: “As we’ve seen recently, cyber criminals continue to cash in on the pandemic, targeting a number of mid to large businesses with ransomware threats. Many organisations have had to radically change how they manage operations and data over the past 18 months, so it’s critical that they adopt cyber security solutions which provide visibility and protections across their entire estate. That’s where we can help as their trusted technology partner. Our Managed Security Service offering will protect our customers in real time, so they needn’t worry about cyber-attacks slowing down progress, damaging their reputation, or standing in the way of embracing new ways of working.”

Know your enemy

According to BT, there are five basic things that corporate cyber-attackers want – money, bandwidth, data, storage, and identity. Of course, they want money, for example, either via ransomware and straightforward extortion, to mine bitcoin, or perhaps to manipulate corporate share prices. A “whaling” attack (a highly targeted phishing attack that is aimed at senior executives and usually masquerades as a legitimate email) can trigger fraudulent money transfers or theft of funds via the capture of credit card and banking details.

Attackers want access to bandwidth to be able to use a corporate network and its associated IT for targeted attacks on other companies or as part of an extensive DDoS infrastructure. They want data again via ransomware/extortion or by threatening either to publish or delete vital, sensitive and confidential commercial information. That also want to steal intellectual property as is often the case with state-sponsored attacks.

Attackers also want storage to hide illegal transactions for their own nefarious purposes. This could all include pirate software and worse. They want an identity or identities for the purposes of straightforward identity theft and/or to turn stolen identities against a company or senior executive via fake posting on social media platforms on or a company site.

Steve Benton, BT’s Deputy CSO, GM cyber and physical security operations and programmes, says that once a company or organisation understands the threats it faces (and why), then a robust defence strategy can be devised and put in place. He recommends companies to begin with a realistic assessment of hardware and software assets and accept that obsolete and end-of-service-life IT is dangerous. The only sensible answer is to pay to replace weak links before a successful cyber-attack ends up costing a lot more.

It is necessary to work methodically through all assets and estate and secure everything including physical infrastructure and the corporate perimeter, and this must include any wi-fi, cloud and partnerships. When that is done, all relevant staff must be fully trained and familiar with the security environment to ensure that the significance of any flags security measures might raise are understood and immediately acted upon. As he says, “There’s little point in having anti-virus, anti-malware, intrusion detection systems, and endpoint detection and response if you don’t react to their alerts.”

Benton adds that the best form of defence against a cyber-incursion is multiple overlapping layers of security to deter, disrupt and frustrate cyber-attacks, not least because like house burglars, cyber-criminals don’t want to spend time and resources attacking a secure target during which period they may be detected and taken down. In other words, pay attention to detail and don’t give yourself away cheaply!

Email Newsletters

Sign up to receive TelecomTV's top news and videos, plus exclusive subscriber-only content direct to your inbox.