With the advent of big data and the Internet of Things, there are now more devices connected to the network than ever before, with billions more due to come online in the coming year. In parallel, more data and applications are hosted by third party providers, and cyber criminals are constantly creating new forms of cyber-attacks targeted at businesses, governments, infrastructure and individuals.
The security threat landscape is confusing and changing rapidly – with so much out there, how do you understand where the true risks are?
For some companies, this is a ‘new’ consideration – however, for BT securing information, data and communications has been part of our DNA for over 70 years. Because of BT’s global scale and customer base, our security activities must be truly 24/7 – and across all time zones. Every day, we protect our network against more than 4,000 cyber-attacks coming from nation states, cyber criminals, hacktivist groups or rogue individuals. They’re all after the most valuable commodity of our age: data – the currency of the internet. And they’re targeting all of us - individuals, organizations, and governments are all contending with the same issue.
Tackling the well-resourced nature of cybercrime will need a collaborative approach between industry and governments, one that addresses the global shortage of cybersecurity professionals and builds collective resilience as an industry.
Communications Service Providers (CSPs), such as BT, are in a unique position to work closely with governments to address the issue. We work closely with the UK National Cyber Security Centre on the Active Cyber Defence programme, which aims to prevent the vast majority of ‘unsophisticated’ cyber-attacks against the UK. Through this programme and our wider monitoring capabilities, we’re blocking around 135 million connections to malware sites on our network every month.
"The scale and pace of the cyber threat dissolves traditional barriers between competitors"
BT also has active relationships with leading law enforcement authorities such as Interpol and Europol, with whom we share knowledge & technical expertise that allows us to collectively identify and respond to cyber criminality.
As the importance of security and the scale of the threat grows, we’ll be increasing the size of our security team by 25% over the next five years and raising awareness about the great career opportunities in cybersecurity. We know that we’re not alone in expanding our security business, and that the demand for cyber employees is outstripping the supply.
Both industry & government share a responsibility to tackle the cyber skills gap. There are numerous initiatives which look to raise awareness among young people of careers in security and encourage them to pursue the technical skills and qualifications which open opportunities in the sector.
We need to help people understand what roles in cyber security look like, and how to prepare for and attain one at all stages of their career journey. One of the key ways to tackle the issue is to focus on mid-career transfer and attracting people with similar skill sets and the right aptitude into the sector.
Meeting the demand will also need a National Security Strategy that reflects and reacts to the needs of the economy and well as supporting the Government’s own infrastructure aims. Incentivising and rewarding companies that invest in skills for the UK workforce is also key.
But it’s not just about partnerships between companies and governments. The scale and pace of the cyber threat also dissolves traditional barriers between competitors, which means businesses need to change some of their normal ways of working. After all, it’s not often that you choose to share information that will directly help your closest competitors to improve their services.
However, enhancing our competitors’ defences is not just a civic duty – it helps to build our collective resilience as an industry and as a country. Making it more difficult for attackers to be successful will help create a safer ecosystem for UK companies & citizens. But this responsibility is not ours alone. All businesses, no matter their size, have a duty to make sure that they are properly protecting their customer data and providing products and services that are safe and secure to use online. It is only when we all accept this responsibility and work together that we have a fighting chance against cyber attackers.
This piece features in Prospect’s new cyber resilience supplement