Tell us a bit about your experience to date?
I have over 20 years security experience and have been with BT most of my career. I became Deputy CISO in 2018, delivering the multi-layered and multi-year security investment strategy, designed to keep pace with the rapidly evolving global threat. Prior to my operational role, I helped to define and launch BT’s governance, risk and compliance portfolio. I am a graduate of Queen University Belfast, with a First-Class Honours in BSc Information Technology.
What position do you hold/ what are your main responsibilities?
My current role is Deputy CISO and General Manager Cyber and Physical Security Operations and Programmes. I lead the team responsible for the intelligence led cyber and physical security operations across the company. We help businesses world-wide protect themselves against over 1.4 million cyber-attacks per year. My job is to ensure that BT can detect, protect and recover from cyber and physical attacks in the UK and across the globe. This means looking after our people, data, infrastructure and buildings across both the real and virtual world.
I am passionate about using BT’s unique view of global networks, allied with big data technologies, and world class specialists, to push the boundaries of pro-active and predictive security.
What kinds of clients do you work with in Ireland?
BT works with MNC security clients across several sectors in Ireland from Banking and Financial, to Manufacturing and Pharmaceutical as well as Aviation and Telecommunications in addition to Public Sector customers.
What are the biggest cyber security risks businesses face today?
Social Engineering including phishing accounts for about 30% of the breaches in 2020. Ransomware has grown in 2021 and as seen in the media can have large impacts on an organisations ability to operate. Third Party software vulnerability and cloud computing vulnerabilities continue to play a big part in the scale of attacks we’re seeing. Lastly, DDoS attacks are still continuing, sometimes for ransom but often as a smokescreen for data exfiltration or simultaneous attack.
What steps can businesses take to protect themselves in an evolving risk landscape?
Get the foundations right, embed security as a culture. Review your personas to understand your overall risk profile. Stay on the front foot with actionable intelligence. Automate more of your security defenses.
Why is recovery such an important part of how organisations prepare for inevitable cyber threats?
Having the ability to recover critical systems and data from a secure and unaffected back up may be the best way to recover service and minimise downtime. Planning for the worst means that when incidents happen, an organisation can respond much faster and more effectively. All responders know the part they play and how to invoke key known working processes and procedures.
What solutions are BT offering businesses at this time of heightened Cyber attacks?
BT Ireland offers Managed Security solutions across a range of security solutions in SD-WAN, cloud, endpoint, network, data and applications and identity. In our Threat Management portfolio we combine our own research in visual analytics and anomaly detection with the innovative technologies of partners.
In addition, BT Ireland’s Security Advisory Services offer strategic security guidance and solutions to organisations across the globe. The practice assists organisations at all stages of their security journey to assess and test their defenses and select the solutions that match their security needs – whether that requires building an entirely new security strategy or upgrading their protections to combat the latest threats and trends.
Steve will be speaking at the 2021 Cyber Security Summit on Tuesday October 5. For more info see www.cybersecuritysummitc.ie