BT's Cyber Index reveals the scale of today's cyber threat

Les Anderson, Chief Information & Security Officer

BT’s network is one of the largest in the world. Serving almost 200 countries and territories, we own enough terrestrial fibre to go 1.5 turns around the earth, not to mention satellite and wireless networks. One terabyte of data passes through our network every second. We also operate at an industrial scale, with thousands of applications and hundreds of thousands of users.

We protect our global network from a huge number of cyber attacks, and the scale and complexity of attacks is intensifying. For example, between April to June 2019 we blocked on average 111 million connections to malware sites every month.

As a network service provider, our expertise is in analysing and understanding traffic and data flows across public and corporate networks. We can correlate what we see happening on our network, on our customer’s networks and with external events. We process 600,000 events per second (2.1 billion events an hour) into BT’s Cyber Security Platform, enabling us to proactively hunt threats in real time.

This allows us to understand how and where to put controls in place and how to detect anomalous behaviour that could be an early indicator of an attack, enabling us to be on the front foot in continually tuning and refining security policies and our services.

We want everyone to feel safe when using our services, so we work behind the scenes to protect our customers - from both large scale attacks and more targeted attempts to steal data. We believe that sharing threat information with trusted partners in industry and government is crucial to improving the overall security ecosystem and protects our customers from a wider range of threats than any one organisation can determine on their own.

We’re now sharing some of the information we monitor on the BT Cyber Index. The Index gives a high level view of cyber threats that we protect our customers from on a daily basis and show some of the challenges we’re working against. It includes DDoS alerts, phishing sites taken down, malware sites blocked and scam activity that we act on. Given the breadth of our network, the data it provides gives an indicative view of the wider security ecosystem and a snapshot of the growing threat landscape.

Building awareness of cyber issues is key for improving defences, as it makes people and organisations place more emphasis on their online security, and makes it more difficult for cyber criminals to operate.

For example, the increase in the number of phishing attacks has driven us to do more internal education and training of what to look for, how to avoid being caught out and how to report suspect emails. The training has not only helped protect our own network but has also helped employee’s share the information they’ve learnt at home with friends and family.

Over time the Index will also give a more insightful, long-term view of the trends and developments in cyber security. We’re also working to add further categories and measurements, so that we can provide insight on more types of cyber attacks.

Find out more about how to make security integral to your business.