For Melanie, BT’s Head of Intelligence for Threat Intelligence Investigations, two days in her world are never the same.
My days are diverse and split amongst many different areas.
Melanie Johnstone, Head of Intelligence for Threat Intelligence Investigations
“There’s no such thing as an average day. My team identify threats before they damage and disrupt a business. I have a responsibility for a number of different areas, threat intelligence, intelligence around our retail estate, our network, our content protection - BT Sport and fraud. So my days are diverse and split amongst many different areas.”
Knowing that an attack can happen anytime is priceless, and with 2,500 experts constantly watching, learning, predicting and responding to threats, ensuring threat monitoring is professionally managed is paramount.
“If I come across two incidents that are the same, then I've probably failed at my job”, added Amy, Head of Security Incident Response and motorcycle enthusiast. “We’re meant to manage incidents and to try and stop them reoccurring. So, we work across all lines of business to pull in the right people from around the world to make sure that the incidents are dealt with and responded to correctly.”
Along with nerves of steel and an appetite for risk, having the right personality is also important, and Amy’s personal interests reflect this. “I’ve never really looked at it like that, but you’re probably right, I ride a motorcycle to work, and I’ve done a fair few adrenaline challenges - so you could say it goes with the territory.”
The impact and volume of cyber-attacks is increasing globally. Defending against complex, and multi stage attacks is a key challenge and failure to be adequately protected is leading to loss of data, revenue, brand reputation, and customer loyalty.
At BT we perform over 1,000 ethical hacks annually
Konstantinos Karagiannis, CTO, Security Consulting, Americas
At 6’ 6” and black clad, Konstantinos looks like he’s just stepped off the set of the Matrix. Having flown in the night before for the event, BT’s CTO, Security Consulting, Americas showed no signs of jet-lag.
“Yeah so my role is pretty technical. At BT we perform over 1,000 ethical hacks annually on our systems and networks, helping to defend against over 1.4m cyber-attacks per year. I tend to hack into banks and other financial institutions to help keep our customers safe. And I get to spend a lot of time evolving our methodology for attack.”
Talking to Konstantinos it’s clear that he lives and breathes security. A regular on the global security speaking circuit, talking and meeting like-minded people is something he thrives on. “I get to talk to our customers to find out what’s going on in their organisations, I also get the opportunity to present a lot of our findings at conferences and share our vision of the evolving threat landscape with the world.”
A physics major, Konstantinos started out ‘cracking games’ and sharing them with friends, before deciding to put his skills to real use. “I eventually gave up on gaming and started looking at security products. I decided that I would use that sort of desire to break things in the real world as it were”. This change of direction led to his introduction to ‘ethical hacking’, now 15 years on with 12 of those at BT, Konstantinos still likes to be on the front line. “I’ve moved up the ranks, but I still keep my hands very much on the keyboard.”
With the threat landscape evolving at breakneck speed, attackers becoming increasingly sophisticated, and going for the “juiciest targets” Konstantinos points to the need for companies to be on the front foot and the rear guard, at the same time. “At BT it’s pretty great because besides the offensive side, when we attack we also have that great defensive side where you know we literally see half the world's traffic, so we see attacks, we spot trends and other malicious actions, and can act to defend our customers - there’s a real sense of responsibility here.”
Our team feel a responsibility to their customers.
Amy Lemberger, Head of Security Incident Response
On the subject of responsibility, Amy adds. “Being a BT employee there is sense of pride, our team is made up of really talented individuals who do feel a responsibility to their customers, and toward protecting the network. Millions of people across the UK and around the world depend on us to keep them secure in cyberspace”
Teamwork is another area of focus, working on highly sensitive projects, trust is a key priority. “We focus a lot on team building and building bridges. BT is such a huge network of teams, and we work tirelessly to bring the right people face to face operationally on the ground to talk to each other, and get to know each other, and learn about what other people do, how they do it, and why they do it, added Melanie who started her career with Strathclyde police investigating organized crime, kidnappings and murders.
“I never desired to get into security, I just always asked why. I am inquisitive by nature, why is something happening the way it is, why are people behaving the way they are… Now at BT, I’m continuing to chase the answers to these questions. I am in a position where I can help keep people stay safe in an online world, which is anything but constant.”
We’re working with customers, ISPs and the NCSC to share skills and resources.
Tom Baker, CIO for Major Corporate Business
One thing that is however constant is the need to share information adds Konstantinos. “I come from a very open source background, where it’s all about sharing, to identify and fix bugs and keep information flowing. We have a common enemy today and while in the past we’ve kept tools and secrets to ourselves, security is changing and evolving and we've realised sharing is the way forward. That's what we were talking about at the round table, the need to share information to protect ourselves, but also others.”
In concluding the meeting of minds, Tom Baker echoed the sharing ‘theme’. “Partnerships are critical as we move into a new era of digital transformation. Organisations need to put the right processes and systems in place to counteract threats, starting with employee education on security best practice.
“For our part we’re working with many of our customers here today, as well as law enforcement agencies, ISPs, and the National Cyber Security Centre (NCSC), to share skills and resources. At BT we have scale and insight - there are very few other providers who are in 190 countries. That means we can help any organisation to assess and manage their security risks.”
To find out more, please call us