Blog · 03 Sep 2019

How BT is working behind the scenes to protect you from cyber crime

Sharing some of the ways we're protecting our customers from cyber attacks and how our cyber index gives a snapshot of the growing threat landscape.

Director cyber information security & BT CISO

We’ve all become used to seeing cyber attacks in the news. Every individual and organisation is having to think about their security and how best to protect themselves.

As a network service provider, BT’s network is one of the largest in the world. We cover almost 200 countries and territories and we own enough terrestrial fibre to go 1.5 turns around the earth, not to mention satellite and wireless networks. We protect this global network from a huge number of cyber attacks, and the scale and complexity of these is intensifying.

Our expertise lies in analysing and understanding traffic and data flows across public and corporate networks.  This means we can correlate what we see happening on our network with customers’ networks and with external events. We process 600,000 events per second (2.1 billion events an hour) into BT’s Cyber Security Platform, enabling us to proactively hunt threats in real time.  As an example, last quarter we blocked over 111 million connections to malware sites on a monthly basis.

This analysis allows us to understand how and where to put controls in place and how to detect anomalous behaviour that could be an early indicator of an attack, enabling us to be on the front foot in continually tuning and refining security policies and our services.

Damien Childs, BT’s Director for Security Design, Delivery, Service and Operations says “We’re delivering security capability to our customers to ensure they are protected against the evolving threat landscape.  From DDOS protection to ensure that servers and applications are not taken offline by attackers, to helping our customers design their network security architecture to ensure that the layered protection of their critical assets remain secure, or providing cyber services leveraging our expertise in IBM SIEM and other bleeding edge vendor technology we’re preventing thousands of potential attacks on our customers on a daily basis.”

We want everyone to feel safe when using our services, so we work behind the scenes to protect our customers - from both large scale attacks and more targeted attempts to steal data. We also believe that sharing threat information with trusted partners in industry and government is crucial to improving the overall security ecosystem and protects our customers from a wider range of threats than any one organisation can determine on their own.

We’re now sharing some of the information we monitor on the BT Cyber Index. The Index gives a high level view of cyber threats that we protect our customers from on a daily basis and show some of the challenges we’re working against. It includes DDoS alerts, phishing sites taken down, malware sites blocked and scam activity that we act on. Given the breadth of our network, the data it provides gives an indicative view of the wider security ecosystem and a snapshot of the growing threat landscape.

Building awareness of cyber issues is key for improving defences, as it makes people and organisations place more emphasis on their online security, and makes it more difficult for cyber criminals to operate.

For example, the increase in the number of phishing attacks has driven us to do more internal education and training of what to look for, how to avoid being caught out and how to report suspect emails. The training has not only helped protect our own network but has also helped employees share the information they’ve learnt at home with friends and family.

Find out more about how to make security integral to your business