Infosec management complexity a challenge for enterprises

Even some major enterprises are no longer able to cope with the complexity of defending their networks themselves, Mark Hughes, CEO of BT security, told SCMagazineUK.com today at the launch of its cloud-based global DDoS mitigation service (part of its 'Cloud of clouds' security portfolio).

“Deployment of Security and Information Event Management solutions [contribute to the needed information] but its usefulness is complex, and it needs to be managed to achieve better situational awareness – and many companies are at the end of the road in terms of their [infosec] ability,” as they are “no longer able to manage,” said Hughes.

BT is a national and international telecommunications and broadband content service provider, protecting its own networks, then leveraging that knowledge as a major infosec service provider to third parties around the world, including several governments.  

So while it is a tech-literate company, Hughes commented, “Governance is what you need to be good at to be good at security,” noting the plethora of regulatory requirements and jurisdictions that must be complied with in terms of handling data, privacy and breach disclosure issues.  This is especially so with the increasing cross-border nature of business and use of cloud services such as Salesforce and Microsoft 365, with data hosted elsewhere.

As an example of meeting the requirements of different jurisdictions, Hughes said that BT had server farms to provide local cloud services in countries where that was a requirement, including Germany, France and Russia.

The presentation took place today at the opening of the company's new global security showcase facility in Sevenoaks, just outside the M25 in Kent. From there BT now handles cyber-security for its own global operations, drawing data from a range of sources including 14 BT facilities internationally, and for several of its customers, who feed into the threat intelligence and benefit from intelligence gathered on the BT networks.

“We're doing a lot of demonstrations for customers here – some 20 per week including a lot of foreign governments,” said Hughes.

SC asked what restrictions were placed on BT in terms of both which governments it could deal with and what technology might be provided to regimes that could be considered oppressive.  Hughes gave a fairly standard response in terms of being an ethical company that abided by UK Foreign Office and international human rights guidelines. Due diligence during contract negotiations would include a Human Rights Assessment, and it would not supply countries where it was not appropriate to do so.  BT itself advises foreign governments – or the private sector organisations providing their telecommunications services – on government oversight capabilities and balancing national versus commercial risk.

Referring specifically to the DDoS threat, BT research reports that 41 percent of organisations globally were hit by DDoS attacks last year, of which 78 percent were hit more than once. Hughes noted that attacks are now moving up the stack to layer 7, and BT itself is constantly being tested with new attacks of greater speed, volume and intensity.

More than ever before, there is a need to scrutinise all traffic and all logs, and to respond. Cloud-based BT Assure DDoS is intended to mitigate DDoS attacks before they hit the customers' networks.

Hughes also cited recent Gartner figures that indicate 'detect and respond' currently accounts for 20 percent of infosec spend and forecast that it will mushroom to account for as much as 60 percent of organisations' budgets within five years.

BT's cyber security team is expanding rapidly as a result and aims to recruit 500 more staff this year to boost numbers to 2000.