Blog · 26 Feb 2018

Security insider: Curiosity killed the cyber attack

Find out what it really means to be a Chief Security Officer here at BT — in our new ‘Security insider’ series.

profile-picture
Chief security officer

Les Anderson is Chief Security Officer here at BT, which means he’s responsible for ensuring both our defences, and those of the companies we work with.

What does this undertaking involve? A lot of hard work, and no small amount of smarts. Let’s take a look at how Les tackles the task.

A force multiplier

As far as Les Anderson is concerned, security awareness is everybody’s job. After all, any employee, no matter what their position, could easily open the door for a cyber criminal, with just one small mistake.

On the other hand, the more of your people you train — so they know what to look out for and how to react in a cyber situation — the more you begin to see a security force multiplier. And that’s what Les has achieved, not only with his own 500-strong team, but with the global BT population of well over 100,000 people. As Les says, “when you have 100,000 [people] being aware of security and exhibiting the right behaviours, then you’ve really got a competent organisation.”

Also high up on Les’s list of good security practice is sharing. That’s why he’s more than happy to share cyber information with Interpol, Europol, the Government and the UK National Cyber Security Centre. The more information we all have, the better prepared we’ll all be for an attack.  

Be prepared

The huge responsibility faced by Les is clear, so what’s his process for securing a company the size of BT?

Obviously, he isn’t going to give away our full toolbox of security measures. But what he can say is that preparation is key. You have to know, as far as possible, what potential threats you face and prepare for those. Even more importantly perhaps, you also have to be ready for the threats you don’t know about — and that’s the really hard part. Running Black Swan scenarios, both with your operational teams and with your CEO are key preparation steps.

Keeping pace

The way Les sees it, the bad guys have practiced, thought about their attack and how they can mutate that attack to be effective — and he knows that, in return, we need our processes, competence, wisdom and expertise to run at their pace.

If we can’t protect ourselves, why would a customer come to us for security? Les knows this, and it’s why he feels proud in the knowledge that he’s keeping BT — and our customers — as secure as possible.

His final piece of advice to anyone looking to create a stronger security stance at their company, is to search for, and foster, curiosity in your people. According to Les, both he and his team are naturally curious, and this inquisitive mind-set is exactly what’s needed when trying to solve the ongoing puzzle that is cyber crime.

Find out more

That should give you a good idea of the important work that Les Anderson does for BT every day. But that’s not the whole story. To find out more, watch the video below.

Contact

Related content

Blog

Gros plan sur la sécurité : La dernière ligne de défense

Découvrez la personne responsable de l'équipe qui est la dernière ligne de défense concernant la cybersécurité de BT.

En savoir plus en anglais
Blog

Initié à la sécurité : Quel effet cela fait-il de dévaliser une banque

En tant que hacker éthique, Konstantinos Karagiannis joue le rôle du « méchant » – s'introduire dans les banques. Nous examinons exactement ce que Konstantinos fait.

En savoir plus en anglais
Blog

Gros plan sur la sécurité : Prendre la main en matière d'intelligence des menaces

Découvrez la fonction de directeur de l'intelligence des menaces et comment notre propre directrice, Melanie Johnstone, contribue à nous protéger contre les cybercriminels.

En savoir plus en anglais