Sponsored by:
Produced by:
Sam Watkins
SENIOR MANAGER,
TV & BROADBAND SECURITY
How has digital security needed to evolve in recent years?
Modern businesses face a very unique challenge when it comes to digital security. Phishing scams are more prevalent than ever before, with one accidental click being all it takes to cause chaos within a business and risk exposing customer data. It’s been known for a while that properly training your staff and putting robust security measures in place can help to minimise the chances of succumbing to such an attack. But now that employees have started to expect more flexibility within their working lives, particularly with where they conduct their work from, businesses need to consider how they ensure security out of their owned working environments.
As a telecoms provider, our need for security and flexibility doesn’t stop with our employees though. We have to reassure every one of our customers too that our defence systems are strong enough to prevent even the most extreme attacks. Customers have to know that their personal data is secure when using our products and services, whether that’s in their home or elsewhere. Put simply, if we can’t reassure them of a secure experience then we will lose them as a customer.
Now that employees have started to expect more flexibility within their working lives, particularly with where they conduct their work from, businesses need to consider how they ensure security out of their owned working environments.
Making sure that your code is secure from day one is the best way to prevent malicious attacks and avoid being bogged down in reams of data when trying to test the stability of code further down the line.
What can businesses do to minimise cyber threat when introducing a new product?
Making sure that your code is secure from day one is the best way to prevent malicious attacks and avoid being bogged down in reams of data when trying to test the stability of code further down the line. But to do this successfully requires empowering your engineers to ‘check their own homework’ and trusting them to do so successfully. CI/CD is a great system for making this happen. This system allows you to build in automated tests so that as a product evolves, you can constantly see how secure its new iterations are without having to manually run tests. The biggest benefit to this system we’ve found is that because weaknesses are highlighted immediately, you don’t get to the end of a development cycle and suddenly find that you have failed an important test, only to then scratch your head as you search for the reason why. By taking this iterative approach from day one, we can really be responsive to what is happening in the market and avoid unexpected issues or costs.
Is AI the ‘holy grail’ of security solutions?
It’s early days, but the more information we can give AI tools then the better they will get. This process needs to avoid data being fed just for the sake of it and instead there should be a partnership between development and product teams to ensure that AI tools develop in a meaningful and valuable way.
With greater regulatory pressures now alongside gaps in resource and knowledge, developing AI is not going to be high on everybody’s list of priorities when it comes to ensuring security. If you find yourself in this position then your priority should be to address the current capabilities of your development teams. What are their strengths? Where are the gaps in the team? If you answer these questions honestly then you will see what needs to be done in order to close the loop and reduce exposure risks. Automatically identifying the gaps and aligning the education tools to provide the correct training, meaningfully should ease the load on your teams.
There should be a partnership between development and product teams to ensure that AI tools develop in a meaningful and valuable way.
BT are one of the world’s leading communications services companies. Their solutions are integral to modern life, connecting people all across the world in a secure and accessible way.
