How intelligence sharing helps BT’s fight on cybercrime

When it comes to combating cyberthreats, telco competitors are allies, BT's security head tells TechHQ at Cloud & Cyber Security Expo.
11 March 2020

The BT Tower is a London landmark. Source: Shutterstock

Telecoms services keep our world connected. In fact, entire economies and business infrastructures are built and rely upon these networks.

From email and messaging, to phone calls and videos, our reliance on telecoms is so ingrained and ubiquitous that we can easily take for granted just how important they are.

This reliance, however, is ripe for exploitation.

Cybercriminals are all too aware that telecoms operate complex networks and store vast amounts of sensitive personal and business data – and that makes the industry one of the most vulnerable to attacks. A report by Efficient, for example, found that 43 percent of telecoms firms have suffered DNS malware-based attacks.

With operations in 180 countries worldwide, BT is one of the world’s leading providers of communication solutions and services. As such, security is a vitally important component to its business.

As Managing Director of BT Security, Kevin Brown has the task of overseeing the telecoms firm’s global cybersecurity arm – and that includes both the internal systems and policies designed to protect the firm itself, and also the security products and services it offers customers.

If the task sounds Herculean, it is, particularly as businesses continue to increase their attack surfaces with moves towards cloud and IoT technology. And while Brown might have a 20-year career in law enforcement specializing in serious crime and intelligence behind him – as well as a seat on the WEF’s project to tackle cybercrime – he certainly doesn’t work alone.

BT Security has a growing force of thousands of experts ensuring that cybercrime and fraud attempts are constantly countered. Even if an “incident” does occur, disruption to the firm’s 6,000+ business customers is minimized and resolved swiftly.

“BT Security is one of the fastest-growing parts of our business and we have made accountability for security a board level issue in BT,” Brown told TechHQ ahead of his presentation and Cloud & Cyber Security Expo in London this week.

“This has meant a shift in mindset to recognise that basic security should be an essential part of everything we do.”

Even with such a sizeable security force and an internal culture of cybersecurity awareness, however, the former intelligence specialist knows that keeping the global organization airtight from threats requires collaboration with external stakeholders as well.

In 2018, BT became the first telco to share information about malicious software and websites on a large scale to combat cybercrime through the NCSC’s Malware Information Sharing Platform – a platform which shares the latest threat intelligence info between the firm’s industry peers.

Brown has even brokered relationships between BT and international law enforcement agencies such as Interpol and Europol, signing a memorandum of understanding to work collaboratively and share knowledge to tackle the global threat of cybercrime.

“We work collaboratively with other telecoms providers because in the reality of dealing with cyberattacks, it’s not only about collaboration within your own organization but about partnerships between companies and governments, and the wider security industry to share threat data and increase collective resilience.”

Brown told TechHQ that the “scale and pace of the cyber threat dissolves traditional barriers between competitors.” In essence, the fight against cybercrime has united the telco industry to a certain degree, with members aware that teaming up is the most effective way to counter a mutual threat.

This has led BT to change some of its normal assumptions and ways of working, in terms of helping and supporting what would otherwise be rivals: “After all, it’s not often that you choose to share information that will directly help your closest competitors to improve their services.”

Industry cooperation is an effective strategy in reducing the potency and success rates of cybercrime, but like most heads of security, Brown invests his time in ensuring all staff, “from board level down” are advocates of cybersecurity.

“I would suggest that business leaders are very clear that security needs to be considered as a key topic for all employees, no matter what level they are. Issuing company-wide mandatory training should be done to ensure employees are mindful of security.”

Taking some simple steps in educating your employees – such as ensuring they understand your company’s information security policy, especially around data classification and handling of data – can help them become your biggest security asset, he explained.

Fostering this culture is vital for minimizing the risk of compromise today, but it also encourages “fresh ways of thinking” which will help to deal with cybersecurity problems emerging on the horizon.

On how the landscape of cybercrime continues to unfold, Brown is under no pretence around the weight of BT’s task, as the network are handling much more data than anything that has come before. That could stem from “critical communications for national infrastructure and emergency services, through to the data from your regular household appliances.”

“The technology is evolving but so are the cyber challenges,” said Brown.

“Businesses need to maintain awareness of their security posture and work on a strategy of continuous improvement. Attackers are constantly looking for weaknesses to exploit and these weak points can lie outside your network perimeter. Adopting a ‘zero trust’ mindset is a must-have for businesses in the modern world.”