Detect and respond effectively to threats in a remote work environment

By and Anthony Aurigemma | 7 minute read | October 28, 2020

COVID-19 didn’t create entirely new security threats or trends—but it did massively increase the scale and pace of change in ways that were previously unimaginable. Many businesses had to make rapid shifts to the cloud and remote working without the time to fully consider the security implications. Occasionally, they even had to loosen or remove security controls to help address capacity constraints that were brought on by the breakneck shift to remote working.

Now that we have moved beyond the initial reaction to COVID-19, many organizations are looking for their longer-term security strategy. The reality is that the changes that were initially planned to cover a few months may have to become permanent.

We spoke with two experts, David Stark, Security Portfolio Director, BT, and Anthony Aurigemma, Vice President Global Security Sales, IBM, to find out their perspectives on how these changes affect organizations.

BT provides security solutions to consumers, governments and businesses across 180 countries, utilizing 3,000 security specialists and 16 Security Operations Centers around the world. BT’s experience in protecting these customers, critical national infrastructure and our own networks against 4,000 cyber-attacks a day gives them a unique insight on security activity and trends. BT has been working with customers across the globe to secure the huge changes they’ve had to make to their operations in 2020.

As organizations move beyond initial short-term fixes to fundamental long-term changes to their ways of work, BT is seeing a shift in attitudes, David remarked:

We have increasingly seen that organizations are taking a more holistic view of their security issues, where the impact of COVID-19 needs to be considered one of many challenges for the future, rather than the sole, overriding priority. The impact of COVID-19 has also definitely led to a shift in the way organizations are seeing the value of investing in security, and are focusing on the value and importance of protection over possible cost savings.

The crisis has shown that those companies who had invested in comprehensive security strategies were able to more efficiently transition to remote working and are now at significantly lower security risk than those companies currently trying to expensively add on security protections.

IBM is one of the largest enterprise security vendors in the world and according to Anthony:

From early on, COVID-19 had a massive impact on how and where we worked. Like many other employers, IBM transitioned its employees to remote work, with nearly 95% of IBMers working remotely. This shift created a changing security risk for organizations as well. From March 11 until May 8, 2020, IBM X-Force observed a greater than 6,000% increase in coronavirus-themed spam*, as well as a corresponding increase in COVID-19-related malicious domains. These changing threats, as well as the need for many organizations to scale up their use of VPNs and to add support for previously unmanaged devices, meant that security teams needed to look at how they were monitoring networks and endpoints for suspicious activity. Better use of user and device behavioral analytics has helped to offset some of these challenges and allowed organizations to continue to provide access to critical systems and data.

As security leaders shift to a longer-term view of the needs of the business, we are seeing huge interest in adopting a Zero-Trust strategy. This approach no longer assumes that actors, systems or services operating from within the security perimeter should be automatically trusted, and instead must verify anything and everything trying to connect to its systems before granting access. The goal here is that this strategy will help organizations to better manage the risks in a distributed environment by providing users with the appropriate level of access to relevant services or data. Many organizations we work with are on their own Zero Trust journey and, by applying better context and data to decision making, security teams can establish clear rules around levels of access and entitlement which can then be scaled out across the business.

Things to consider in a distributed security environment

Cloud adoption causes changes to how data is distributed and stored. David believes that businesses need to move away from enacting certain security measures because they’re expected to, or as they’ve done in the past:

In the cloud, tech choices can’t be taken in isolation; it’s not just about solving one problem. Security strategies now need to explore where this tech will fit into the whole—what it will connect to and how—so that they can protect a hugely increased threat surface area.

Cloud security is now an absolutely fundamental part of protecting your business. An organization that fails to consider how they’ll secure their cloud services, alongside how their employees are accessing data from a much greater range of locations and devices, is at huge risk. As more organizations make the move to the cloud, so do the criminals looking to exploit them too. Ultimately, the challenge is how do you holistically and accurately assess the risks, given the scale and size of the cloud? And then how do you give confidence to the rest of the business that your security is doing enough to protect your most critical assets, wherever they reside?

Anthony agrees:

Integrating cloud into your existing enterprise security program is not just adding a few more controls or point solutions. It requires an assessment of your resources and business needs to develop a fresh approach to your culture and cloud security strategy. To manage a cohesive hybrid, multicloud security program, you need to establish visibility and control. We always tell our customers to:
 – Define their future state
 – Build for and move to the cloud securely
 – Execute continuous threat management and resiliency

IBM hybrid cloud software and services help you align your security strategy to your business, integrate solutions that protect your digital users, assets, and data; and deploy technology that can manage your defenses against growing threats with AI, all within an open, multicloud environment.

You can trust that your business is protected no matter what remote platform your employees use, whether it’s Zoom, Microsoft Teams, Slack or others.

Detecting and responding to threats

BT and IBM work together to help both large and midmarket organizations detect and respond to threats. David and Anthony shared their thoughts on the benefits of the BT and IBM security relationship:

BT and IBM each bring their highly complementary elements to this relationship.
At BT, we have a huge range of customers, from household consumers and small businesses, through to government entities and global multinationals. Security sits at the foundation of all the services that we provide, and as a result we gain a huge amount of expertise and data on security threats and trends, said David.

IBM is one of our most important partners in bolstering our insight and capabilities in security. We have developed a strong, collaborative relationship over a number of years, with IBM playing a big part in the development of our Threat Management and Threat Analytics solutions. In fact, we recently undertook a comprehensive review of our suppliers and the security ecosystem as a whole, and designated IBM as one of our Strategic Partners. This recognizes that IBM are one of the few companies with the portfolio, technology and reputation to support our ambitious growth plans for BT Security.

BT and IBM are committed to building the right security strategy and strong collaborative relationship.
BT’s security services provide managed security services incorporating set up, deployment, and in-house management, safeguarding large businesses from malicious attacks, said Anthony.

Additionally, BT’s global network of security operation centers monitors the network 24/7 to detect and mitigate cyber threats, and delivers the full management of platforms to include software updates, application patches and access to new products.

Bottom line, organizations need to look closely at their longer-term security strategy. They need to rethink the value in their security investment and focus on protection over possible cost savings. It’s never too late to focus on long-term security strategies, and BT and IBM have partnered to provide companies with comprehensive security services designed to help them achieve their goals.

*IBM Institute for Business Value. COVID-19 cyberwar: How to protect your business.