Mark Hughes - BT - Securing Enterprise ICT and the Network

Upload: informa-australia

Post on 21-May-2015

Category: Technology

DESCRIPTION

Presented by Informa and Ovum. Opportunities and threats for Telcos taking them beyond 2020. For more information on the event please visit: http://bit.ly/1AKUIwe

TRANSCRIPT

Page 1: Mark Hughes - BT - Securing Enterprise ICT and the Network

BT Security

Mark Hughes, President BT Security

Securing enterprise ICT

Page 2: Mark Hughes - BT - Securing Enterprise ICT and the Network

Page 3: Mark Hughes - BT - Securing Enterprise ICT and the Network

Securing your organisation and data

Page 4: Mark Hughes - BT - Securing Enterprise ICT and the Network

Shellshock international media coverage

Shellshock bug in bash could spawn worm

Shellshock, which was discovered on 24th September 2014, has been described as the “worst ever computer bug” and as the bug that could potentially cause the “internet meltdown”

Why Shellshock is bad news for the Internet of things

Security experts expect ‘Shellshock’ software bug in bash to be significant

Shellshock, the major security flaw discovered “almost by accident” by French

Shellshock: The latest security superbug explained

Shellshock draws hacker attacks, sparks race to patch bug

Cyber-attack alert as Shellshock bug scores top danger rating

Hackers exploit ‘Shellshock’ bug with worms in early attacks

Page 5: Mark Hughes - BT - Securing Enterprise ICT and the Network

… to tackle issues like the Heartbleed bug

On Monday 7th April, BT was alerted to the Heartbleed global vulnerability in OpenSSL

Some of your security colleagues described it as: “Like someone had set the internet on fire.”

Heartbleed hacks hit Mumsnet and Canada's tax agency

Heartbleed bug poses the biggest threat to your bank security yet by allowing hackers to snatch credit card details online

Panic on web as Heartbleed bug leaves millions of users vulnerable

Major bug called Heartbleed exposes internet data

Programming ‘accident’ caused Heartbleed bug

50 million Android phones may be affected

Heartbleed Bug: Public urged to change ALL passwords over major computer security flaw

Big tech companies offer millions to help with Heartbleed crisis

Page 6: Mark Hughes - BT - Securing Enterprise ICT and the Network

Growing complexity

Organisations face increasing challenges in bolstering their defences as this depends on being able to:

1 Integrate security solutions
2 Assemble and exploit the full potential
3 Tailor solutions to secure and protect

What our customers are telling us about their security challenges…

[Chart. Values shown: 30%, 24%, 16%, 17%, 13%. Labels: Not enough IT staff; Lack of integration between solutions; Complexity of security solutions; Too many point solutions to manage; Lack of IT expertise.]

Budget constraints and skill shortages

Page 7: Mark Hughes - BT - Securing Enterprise ICT and the Network

Top 10 Questions when assessing Corporate Cyber Risk

1. Do you know how much a cyber event would cost your org? And workings.
2. What is the most important infrastructure/information/assets and why?
3. What are your most critical Applications and what do you do to test and check the Development?
4. What are you monitoring proactively, how do you baseline normal and what do you do when you pick up an anomaly?
5. What links do you have with other Security/Government type organisations? And who are they?
6. What are you getting your network provider to do? What DDoS Protection do you have in place?
7. Do you know, audit and control what access your Partners and Third Parties have to your Critical Data?
8. What vetting or legal recourse do you have with your partnership contracts?
9. Do all of your privileged users know the value (and risk) of the data asset they are charged with?
10. How big a part do employee behaviours play in your Cyber Defence strategy?

Page 8: Mark Hughes - BT - Securing Enterprise ICT and the Network

Cyber defence operations in BT

Apply a risk-based approach

Invest in tools

Build on heritage and organise for success

Invest in behaviours

Invest in people and skills

Consolidate detect and response skills

Understand our critical assets

Increase security reduce impact and cost

Page 9: Mark Hughes - BT - Securing Enterprise ICT and the Network

• Agile fusion of information feeds from multiple sources
• Artificial intelligence based knowledge management and interactive visualisation
• Interactive human/machine data analysis for identifying patterns or links
• Enabling automatic notification of:
  – Failures
  – Anomalies
  – Potential threats
  – Attacks.

Assure Analytics

Scrutinising the unthinkable so our customers don’t have to

Page 10: Mark Hughes - BT - Securing Enterprise ICT and the Network

The future of attacks

• Likely to increase with more sophisticated methods used to defeat advancing defences
• Motives changing from hackers gaining bragging rights to making money; consequently the complexity of coordinated attacks is rising, making it more difficult to track, trace and mitigate
• Increase in Social media and “Apps” as a method of attack
• Use of trusted technology e.g. SMS or Voice mail to trick users into Phishing sites
• Accessing personal information to damage reputations or facilitate fraud
• Targeting mobile devices and unsecured guest wireless networks to infiltrate and perpetrate attacks
• SCADA probing and exploration of control system attacks – terrorism
• Continued DDoS and increases in Intellectual Property Loss.

Page 11: Mark Hughes - BT - Securing Enterprise ICT and the Network

BT’s learning

• Cyber is an evolution of traditional risks
• Traditional risks are no less important
• This is an arms race – constant evolution is needed
• The long game – do you know what normal looks like?
• You have to understand and value your assets and the business risk appetite if you are to protect them
• Horizon Scanning – use of tools to change data into intelligence
• Apply business context to allow focused defences – people make the difference
• Sharing Information is vital to maintain an equal footing with adversaries.

Page 12: Mark Hughes - BT - Securing Enterprise ICT and the Network

Security is as much an art as a science