BT Advise Assure -Security and Risk Management

We can help you to create trust inside and outside your organisation. BT Advise strengthens your cyber security by providing:• Visibility - what is in the network, your

systems, your applications and more• A view of your weaknesses - who and what

threatens your organisation• Remediation of security issues - with

a roadmap of deliverables that can be actioned quickly

• Risk management workshop - to determine the level of maturity of your risk programme and to quantify the potential impact of any risks

BT Advise. Knowledge that delivers

In today’s business world, people expect you to make data available everywhere - in the office and on the move; on company and personal devices. It might be stored in your offices, at a data centre, in the cloud or a mixture of all three. This spread makes your information more vulnerable and puts you at risk of breaching compliance and regulatory laws.

Potential threats• Advanced Persistent Threats (APTs). Most security

breaches classed as APTs can be extremely damaging. For example, one sophisticated threat has attacked 141 companies spanning 20 major industries over seven years. It has a well-defined attack methodology, designed to steal large volumes of valuable intellectual property.

• Distributed Denial of Service (DDoS) attacks. These exploit weaknesses to overload websites, Internet access or applications until they can’t handle normal business transactions (potentially to the point of failure). Over the past year, the frequency and intensity of DDoS attacks have been on the rise, with recent incidents strong

enough to overwhelm many of the largest networks. Although low-level attacks can be countered by smart use of firewalls and IP filtering, the latest attacks are a significant challenge and countering them is cost-prohibitive for all but the largest organisations.

• Operational changes. Some threats increase as you change how your company operates. With growing use of the cloud, a cloud security strategy becomes a vital part of your overall security. Solutions like encryption, access control and data loss prevention can help, but they need to tie in with your overall cyber strategy. A holistic view – and the expertise to implement the solutions – is essential.

• Big Data. There is also an increased need to store data safely for compliance purposes. But Big Data could eventually present an opportunity for analysing data, looking for patterns and predicting possible threats. At BT, we are working on a state-of-the-art artificial intelligence.

Don’t worry, BT Advise can help.

Develop an effective response to threats with BT Advise Assure

Threats to business-critical data

Security should be a priority for every business. We will work closely with you to devise an effective security policy that’s aligned with your business priorities.

Minimise risk: Forewarned is forearmed, so your systems will be thoroughly tested to find any existing issues and identify weaknesses.

Improve security: We can then build a roadmap to help you manage and correct these vulnerabilities, giving you the peace of mind that you are doing all you can to minimise the risk of cyber attack.

Plan ahead: We can also offer advice on new technologies and solutions that could provide further protection.

Respond rapidly: If you’re targeted in an attack, having a business continuity strategy in place will help you to

react faster and keep your business up and running. Our Advise Assure team is there when you need it, providing the technical expertise and on-site assistance to remove malware and fix issues.

Save money. Also available as needed is the BT Virtual CSO (vCSO) offering, enabling you to benefit from vast security expertise, without the expense of having to hire your own full-time staff.

To help you to assess, mitigate and manage risk, we use four main steps:

Pre SalesEngagement

Identifyimprovement

areas

Choose and adoptthe right technologyand operating model

Implementsecurity transformation

to create a comprehensivecyber solution

TIME

BUSI

NESS

VAL

UE

CustomerWorkshop

SecurityConsultancy

Engagements

TechnologyAdvisor

Engagements

SecurityJourney

Partnering

CyberSecuritySolution

• Risk Workshop• Security Showcase & Cyber SDC tour• Cyber Assessments

• Baseline Report and Recommendations• “What if” Scenario• Risk Management Analysis

• Advise Assure Quick Starts• Risk & Compliance Management (Trust Check)• Business Continuity & Resilience• Identity Management• Secure Communications

• BT Assure Threat Monitoring• BT Assure Analytics• Cyber SOC design & implementation• BT Assure Cyber

• Consultancy-led• Risk-focused• Customer speci�c• Experiences, case histories

• Compliance Assessments• Network Discovery• Vulnerability Assessments• Risk Modeling• Asset Identi�cation• Ethical Hacking

• Security Infrastructure Rationalisation• Review of Emerging Technologies• Security Monitoring & Management• Identity & Access Management• Business Resilience Analysis

• Security Awareness• Comprehensive Monitoring & Management• Threat Intelligence• Virtual Security Analytics• Risk Management

Customer Entry Point

Customer Entry Point

CustomerBenefit

Assess Risk

Mitigate Risk

Manage Risk

Customer Entry Point

Outcome

1 2 3 4

How we do it

1 Risk workshops and cyber assessments. Our security consultants will undertake a high level cyber business review, including an APT analysis. This will identify threats, then test and report on your ability to resist such cyber-attacks. You’ll gain a clear understanding of your current resilience/recovery capabilities and will have access to a range of solutions that can be deployed to support a holistic business continuity strategy.

2 Compliance assessments. We’ll then look for further vulnerabilities. BT has enormous experience in every market segment, giving us an advantage over local suppliers. We’ll look at your applications, mobile devices, systems and network to see how secure your business-critical systems are. Working to fixed timescales and costs, we produce deliverables that you can action quickly.

We will then review your current risks against your desired risk profile and provide a road map to help you manage your vulnerabilities. We can also undertake ‘ethical hacking’ or Penetration Tests to demonstrate the consequences of a hacker exploiting these vulnerabilities, simulating fraud, data theft and illegal fund transfer. Using BT Professional Services, you can then mitigate the issues identified.

3 Technology advice. This often involves rationalising the security infrastructure, recommending technologies for the future, looking at monitoring and management, addressing business resilience and making identity and access management recommendations.

Using BT tools and/or industry standard methodology, BT Advise Assure can perform a risk assessment of your business to determine the level of maturity of the risk programme and to identify areas requiring immediate attention. Our report will include the results and

recommended steps needed to enhance your security risk programme. Our TrustCheck tool, based on ISO 27001, uses a modular approach to risk assessment, ensuring we focus our review on those areas most critical to your business.

BT Advise has worked with specialist partners to create multiple solutions against DDoS attacks. Some are fully-managed and re-route traffic from your corporate network to scrubbing centres worldwide to keep DDoS traffic from affecting your customer websites and applications. Others are based on your premises to give detailed device-level information and automatically block further attacks by instantly sharing findings across the network.

4 Help with your security journey. We’re often asked to help implement security transformation projects to combat threats on an on-going basis. This involves monitoring and mitigating the impeding threats and covers such areas as analytics, SOC design and implementation.

Information security is vital and companies need the right person or team to protect them against potential vulnerabilities and security breaches. However, many firms find hiring a full-time staff too costly or time-consuming. BT has therefore developed vCSO, a full service covering all the duties of a Chief Security Officer. A vCSO can be brought in on-demand or on a retainer basis to analyse the current security infrastructure, identify areas of improvement and help develop, implement and update policies and procedures.

Our consultants are available to assist with specific incidents. Our priority is identifying the vulnerability exploited and closing the hole, removing any malware from your network and getting your systems back online quickly.

Why BT?Why BT Advise Assure - Security and Risk Management?

Speak to your BT Account Manager for more information on how BT Advise could help you to transform your cyber security.

With more than 4,500 professionals globally (over 700 of whom are BT Advise Assure experts) our team is extremely experienced. Around a third of them have over ten years’ experience. You’ll have access to specialists across our solutions, programme and technical groups, as well as experts in Managed Security Services (MSS).

• Risk and Compliance Management is a particular area

the development of our TrustCheck and SRAM tools.

• We work closely with many key vendors, sharing insight and approaches, so we have a real understanding of the technology involved.

• We have an excellent track record, with over 400 Advise Assure customers across the globe, from both private and public sector organisations.

• manufacturing, retail, government and healthcare sectors.

• We have the vision, commitment and investment to deliver the next generation of networked IT services on a global scale.

• Our BT Advise Assure team is highly professional. They have in-depth technical expertise and are available 24x7x365.

• We have long-term relationships with many of our customers. This helps us improve our solutions, because we really understand their business challenges.

• Our impressive track record of innovative commercial approaches includes the BT-developed TrustCheck and SRAM tool.

• We’re recognised as an industry market leader - listed in Gartner’s Leaders Quadrant in its “Communications Outsourcing and Professional Services Magic Quadrant” report.

• We combine IT knowledge with our famous communication heritage, which sets us apart from traditional players.

Offices worldwideThe services described in this publication are subject to availability and may be modified from time to time. Services and equipment are provided subject to the respective British Telecommunications plc standard conditions of contract. Nothing in this publication forms any part of any contract.

© BT Communications Ireland Ltd

Registered office: Grand Canal Plaza, Upper Grand Canal Street, Dublin 4 Phone +353 (0)1 4325000 Freephone 1800 924 924 Registered in Ireland No. 141524

Find out more about BT Ireland

www.btireland.com

Freephone 1800 924 929

business@btireland.com