Beyond.SecurityCyber Defence Quick Start Service

BT Quick Starts are concise, service-led engagements that help our customers to understand and shape their business case for change. Our approach is all about delivering consultancy and professional services based on what is right for your business. Having completed our quick start process, you will have a clear roadmap for transforming the way in which your organisation is protected from cyber threats and attacks.

The BT Cyber Defence Quick Start involves working with our highly skilled and experienced cyber defence team, who will guide you through your quick start journey.

We offer:

• amodularapproachthatgivesyouflexibilityandtheabilitytofocus on what is most important to your business

• phased delivery so that you can take one step at a time

• simple engagement

• clear pricing

• clear outcomes and actions: we deliver a comprehensive report of all discoveries, issues, areas of concern and recommendations for your current cyber situation.

This Quick Start has been designed for any customer who feels that they need to know more about how their organisation could be at risk from cyber threats.

Understanding the cyber threatCyber attacks are on the increase in both public and private sectors around the globe. It seems that almost every week the media report on yet another serious security breach and that no one is immune.

Two of Sony’s online gaming services were recently hacked, resultinginthetheftofconfidentialdataofmorethan100million customers1.Citibankhasconfirmedthathackershavestolen data from thousands of their customers in the US2. Acknowledging this, the UK Government has announced cyber terrorism as one of the greatest threats to the UK and has formed theOfficeofCyberSecurityandInformationAssurance(OCSIA)in response. The stated aim of OCSIA includes the provision of strategic direction on cyber security and ensuring the UK’s information and cyber security capability and architecture are improved and maintained.

One key initiative of the OCSIA is to place the onus on both UK Government departments and commercial organisations to put in place better preparations and cyber defences. An investmentof£650millionoverfouryearsisbeingmadebythegovernment to strengthen its defences against cyber attacks and similar initiatives are being echoed across the private sector, as organisations become ever more aware of the threats posed.

BT Global Services

1http://www.bbc.co.uk/news/business-13451990

2http://www.bbc.co.uk/news/world-us-canada-13587785

3 Securing Britain in an Age of Uncertainty: The Strategic Defence and Security Review,HMGovernment,October2010

We need to be prepared as a country to meet this growing challenge3.David Cameron and Nick Clegg

Counting the cost

In fact, some organisations may never recover from a serious cyber security breach as hackers, both external and internal to the organisation become more sophisticated. As more breaches aremadepublic,itmotivatesfurtherthreatactors(thosewhocarryoutcyberattacks)tomountcyberattacksoftheirown,inturn giving rise to even greater volumes of attacks against a wider range of targets.

ArecentreportreleasedbytheCabinetOfficeestimatesthatcybercrimecoststheBritisheconomysome£27billionayear4. And with new threats emerging all the time, you need to safeguardyourorganisationwithproactive24x7monitoring,detection and response – without cutting corners or breaking the bank.

This is where we can help you.

Key role of human intelligenceOur philosophy is underpinned by a belief in the importance of human intelligence.

No matter how advanced technology becomes, there will always be an attack that will get around it. That is why our people are key toourservice.Noonehasmoreexperiencedandmorequalifiedsecurity analysts than us. Our people are all required to undertake continuous professional development in network security to ensurethattheyremainleadersintheirfield.

About the BT Cyber Defence Quick Start serviceThere are two main components to our Quick Start service:

• Cyber business review

• Cyber Assessment

Our experienced security consultants will undertake a high level cyber business review. This will help us outline your business priorities and also determine the scope of the subsequent assessment activities.

Next, we carry out a series of Cyber Assessment activities to test and report on your ability to resist cyber attacks. This includes our AdvancedPersistentThreat(APT)analysis,whichatthehighestlevel, aims to identify targeted technical attacks that may be specificallytargetingyourorganisation’sintegrity.

Having gone through the assessment, we will deliver a report with targeted strategic and tactical recommendations to provide increasedconfidenceandpeaceofmindthatyouaredoingallyou can to minimise the risk of a cyber attack.

On completion of the Quick Start we can work with you on any nextstepsthatareidentified.Thismayincludeademonstration of our comprehensive range of Cyber Defence Managed Service (CDMS)capabilities.

The processCyber checklist

The BT Cyber Defence Quick Start begins with completing a simple security checklist which enables a high level discussion to take place. This checklist does not require technical input but should be completed by a senior member of staff who is aware of your current security provisions and status.

High level cyber business review

Next we will run a workshop to gain an understanding of your organisation and its current environment, along with your view of the key business risks and perceived threats. In this session we’llalsodiscussandunderstanddefinitionsofyourkeybusinesspriorities, your main operational activities, the delivered ICT estate and key applications, along with your service delivery organisations.

We’llusethisinformationtoagreethespecificassessmentactivitieswithinareasthatarejudgedtobeofsignificantrisk or of critical importance to your organisation.

Output:

The main outcome for the session is an agreement which outlines the scope of work for the Cyber Assessment and any activities and responsibilities for both parties. It will also include pricing for the identifiedCyberAssessmentactivities.

Cyber Assessment activities

As part of our approach to comprehensive cyber security assessment, our experienced security consultants undertake a range of parallel Cyber Assessment activities to understand your organisation’s current cyber security position.

Cyber security effectiveness assessment

The cyber security effectiveness assessment will review existing capabilities at a targeted level including areas such as:

• processes

• technologies

• measures

• policies.

Output:

• areportoffindingswhichwillincludeyourabilitytoresistcyber attacks and your ability to protect your information and that of your customers

• your assessed maturity level

• roadmaps providing a clear path towards your desired outcomes.

At the end of this phase of engagement you will have a clearer view of your current cyber security position with a clear set of recommendations.

Network discovery

Wewillscanspecifiedregions(IPaddressranges)ofthetargetednetwork to determine its actual topology and boundary.

Vulnerability analysis

Wewillscanandprofiletargeteddevicestoidentifyknownvulnerabilities within the monitored IT estate. We’ll evaluate and present the results along with suggested mitigation and remedial actions to reduce the risk.

Risk management

We’ll provide risk-based evaluation and prioritisation of vulnerabilities by correlating the results of vulnerability scanning with known threats. This enables the impact analysis of vulnerabilities and threats. We can then determine mitigation options through the simulation of attack scenarios and generation of risk reports.

APT analysis

The main purpose of our APT analysis is to proactively detect the type of advanced cyber attacks which are being targeted at your organisation. The term APT is commonly used to refer to cyber threats, in particular internet enabled espionage, but applies equally to other threats such as traditional espionage or attacks. APTs are both the capability and the intent to persistently and effectivelytargetaspecificentityandtheseattackscouldbestatesponsored, organised crime or from other “threat actors”.

APT targeted attacks could mean that your organisational data is under threat along with your Intellectual Property Rights (IPR)andpotentiallyyourcustomer’sinformation.Thesekindsofattacksmayhaveasignificantadverseeffectonyourcorebusiness services, operations and your reputation.

As part of this analysis we will undertake the following:

• fullpacketcaptureofnetworktraffictransitingpredeterminedmonitored links

• analysetraffictoidentify“knownbad”indicators(forexampletarget domains known to be associated with state sponsored activity)andanyotherirregularbehaviour.

Output:

• areportofthecurrentlyidentifiedvulnerabilities,threats,risksand APTs to your organisation

• areportoffindingswhichwillincludeyourabilitytoresistcyber attacks and your ability to protect your information and that of your customers

• an indication of your potential cyber maturity level

• tactical recommendations including prioritised enhancements baseduponourfindings

• strategic recommendations and roadmaps for new services which would provide more effective management of the cyber risk.

BT Global Services

The consequences of a cyber attack are far reaching. Apart from the

obvious damage that hacking causes to systems and networks, negative

press, loss of credibility, loss of customers (and revenue) and long-

term damage to brands can set organisations back decades.

SOLUTION

Human intelligence combined with best in class technologygives you the proactive defence you need.

Cyber Defence Quick StartProactive Cyber SecurityR&D-Research & DevelopmentCyber Counter-Intelligence

Cyber Defence Quick StartSecurity Monitoring & ReportingCyber Counter-IntelligenceCyber Maturity Assessment

Security NetworksHolistic Security ViewIntrusion Prevention ServiceDDOS MitigationFully Accredited to ILS

STATE SPONSORED ESPIONAGESMI’S - SUBVERSIVE MULTIVECTOR THREATSAPT’S - ADVANCED PERSISTENT THREATS

ORGANISED CRIMEINDUSTRIAL ESPIONAGEANONYMOUS THREAT

HACKING ATTEMPTSDDOS ATTACKSGENERIC MALWARETROJANS & WORMSINSIDER THREATS

THREATS

Getting the basics right

World class

operational management

Our

expertise

Cyber DefenceManaged Service (CDMS)

CDMS Intelligence

CDMSPeople

4TheCostofCyberCrime,DeticaLtdandTheCabinetOffice,February2011

OfficesworldwideThe telecommunications services described in this publicationaresubjecttoavailabilityandmaybemodifiedfromtimetotime.Services and equipment are provided subject to BritishTelecommunications plc’s respective standard conditions ofcontract. Nothing in this publication forms any part of any contract.

©BritishTelecommunicationsplc2011.Registeredoffice:81NewgateStreet,LondonEC1A7AJRegisteredinEnglandNo:1800000

6/3/2011

http://www.globalservices.bt.com

BT Global Services

What next?Talk to us today

Please contact your BT account manager for more information, or to arrange a BT Cyber Defence Quick Start for your organisation.

Alternatively e-mail: onedeskdefence@bt.com or call: 0800 783 9053.

Demonstrations at the BT Defence and Security Cyber Showcase

Presentations and detailed demonstrations of our Cyber Defence Managed Service capability are available at our Cyber Showcase. Please contact us to schedule a session.