BT has opened a state-of-the-art cyber security centre to showcase how it can respond in real time to online cyber threats. The firm also unveiled a new cloud-based DDoS tool as part of its services for businesses.
During an exclusive presentation and demonstration hosted by BT and attended by V3, Mark Hughes, CEO of security at BT, said the facility would act as the nerve centre of BT's cyber operations, constantly monitoring a growing threat landscape.
Featuring a so-called ‘cloud of clouds' security platform, Hughes said one of the centre's key roles is to provide protection against distributed denial of service (DDoS) attacks, which are used by hackers to overload a targeted IP address with a deluge of traffic.
"There was a view a few years ago that DDoS was something that was a passing phase... yet I see us and our customers constantly being tested with new attacks. Being able to respond to that for most of our customers is something we have to be extremely agile at," said Hughes.
Indeed, research by BT found that two in five global organisations were targeted by DDoS attacks over a one-year period, with 75 percent of the victims targeted twice or more.
Hughes said the centre is designed to help organisations address the worsening cyber threat situation.
"Most countries have worked out there needs to be some sort of nerve centre. They have worked out they need a coordination point where escalation happens and intelligence can be done," he told V3.
"Now, what every organisation needs to be thinking about is how to have an infect, detect and respond capability alongside all the traditional controls.
"What we have created is a way to demonstrate some of the tools that we are using in BT and increasingly developing for customers," he added.
These customers, according to Hughes, are increasingly looking for cloud-based protection.
"The cloud of clouds is about how we deal with customers being able to make use of cloud-based services, be it Oracle or Salesforce, and how that can be integrated in a way in which they have connectivity that is resilient enough to support those environments," he explained.
With online attacks on the rise BT has found that its cyber security business is expanding.
"The cyber business for us in BT is growing rapidly, we are growing faster than the market," said Hughes, who noted that his team will be adding up to 500 employees this year alone.
According to Hughes, most cyber attacks can be traced back to only about 200 pieces of malware.
"Most types of attack can come back to only a small amount of malicious software but it's how it's bought, how it's deployed and how, where vulnerabilities exist, they can be exploited, in what are complex infrastructures," he said.
The BT security boss said there are a range of threat actors targeting organisations.
"There are those who aren't criminally motivated but who are motivated from a political point of view. We call those hacktivists, and they are often motivated by wanting to prove a point. Again, they can be extremely effective, extremely organised and can create quite a lot of trouble," he said.
"At the higher end there are nation states, which have a motivation to cause harm, to collect intelligence or to target corporate secrets about products and services."
Phil Swindle, vice president of the security portfolio at BT, provided a real-time demo of BT's security visualisation tool in action.
The demo used a program called Assure Cyber, which is a big data platform used by BT to analyse, detect and inspect potential threats.
"It's taking net flow information which is essentially router logs, what's talking to what in a network," explained Swindle during the demonstration.
The tool, which has been developed with input from UK security experts at Darktrace, helps to detect unusual behaviour on a network. The software, according to Swindle, is vital as visualisation is a powerful way of understanding large amounts of data very quickly.
A number of recent cyber breaches, including the hack at the US Office of Personnel Management, have shown that companies need to be increasingly prepared for any potential cyber threat.
Darktrace pushes machine learning to take some of the pressure off of IT and security teams
Google also gets its hands on HTC's IP in a non-exclusive deal
Microsoft, Google and Samsung all targeted as Avast admits to the scale of the CCleaner compromise
Not all loose ends tied yet, admits Bain backer SK Hynix