This website uses cookies. By navigating around this site you consent to cookies being stored on your machine



Latest commentary

Businesses must take action as cost of cyber security breaches doubles

Written by: Dr Scott McVicar, General Manager, Commercial Solutions, EMEA – 2nd June 2015
According to the Government Information Security Breaches Survey 2015 published by Digital Economy Minister Ed Vaizey, and launched at the Infosecurity Europe event taking place today in London, businesses must take action as the cost of cyber security breaches doubles.

The research shows the rising cost of malicious software attacks and staff-related breaches to businesses and indicates the average cost of the most severe online security breaches for big businesses now starts at £1.46 million up from £600,000 in 2014, and for SMEs can reach as high as £310,800, up from £115,000 in 2014.

According to Dr Scott McVicar, General Manager, Commercial Solutions, EMEA, BAE Systems Applied Intelligence, speaking from Infosecurity Europe today: "In a bid to keep pace with the ever-evolving threat, we’re seeing increasing customer demand for sophisticated technologies to protect themselves against cyber crime – not only from external actors, but also from internal sources, as one of the biggest risks to businesses is the threat of employees accidentally or purposefully leaking data.
"Today we announced delivery of the first set of our military-grade cyber security services in Europe from the cloud, meaning that technology to defend against the most sophisticated attacks, previously only practicable for governments and FTSE 250 or Fortune 1000 companies, can now be delivered within short timescales, on cloud-based infrastructure and with the inherent flexibility to scale up or down as required. "With most cyber attacks starting with an email message, BAE Systems’ Email Protection Services (EPS) will provide comprehensive protection against even the most advanced threats, including unknown or previously unseen "Zero Day” attacks."

Martin Sutherland of BAE Systems Applied Intelligence comments on major NCA operation to counter online child abuse

Written by Martin Sutherland, Managing Director
On Wednesday 16th July, the National Crime Agency (NCA) released details of a major six month operation. Commenting on this operation, Martin Sutherland, Managing Director of BAE Systems Applied Intelligence said:
“BAE Systems Applied Intelligence has been an integral part of the operational team at the National Crime Agency that has coordinated this major operation to counter online child abuse. We managed and exploited the vast amount of data associated with the operation so that officers could act faster on the information they had, increasing the speed in which they could identify and safeguard the victims and arrest the offenders and also demonstrating how data analytics can be used to identify and prevent criminal activity.
“Various bespoke custom tools and processes have been developed during the course of this operation to help with everything from the initial child protection risk assessment of the intelligence to the automated generation of dissemination packages to local police forces across the UK. To date this pro-bono support has saved the National Crime Agency the equivalent of over 10 man years of effort. This is an ongoing operation and we will continue to provide assistance to help safeguard even more children and identify more offenders.
“It’s a great privilege to be working closely with the CEOP Command of the National Crime Agency on such operations, and to help them do their vital work safeguarding children and young people. The project builds on BAE Systems’ commitment to public safety and security – and is an excellent demonstration of how government agencies and private businesses can work together for the public interest.”

In addition, Johnny Gwynne, Director, CEOP Command of the National Crime Agency said,
“With support from our partners, the National Crime Agency has undertaken an unprecedented operation to crack down on the sharing of child abuse images online.
“Our strategic partnership with BAE Systems Applied Intelligence made a fundamental difference to the timescale of this operation. The support they gave us significantly reduced the time it took officers to identify the offenders from raw intelligence. Critically, this enabled us to reach those 431 children at risk much faster than we could have done on our own. Reducing the suffering of victims by even one day is of paramount importance and we are sincerely grateful for the impact BAE Systems’ support had on helping us to achieve this.
“We look forward to developing further our strategic partnership with BAE Systems Applied Intelligence, continuing to work together to protect children in the UK and globally from online child sexual exploitation.”



Written by Martin Sutherland, Managing Director
Speaking at IA14, Sir Iain Lobban announced that GCHQ is to launch a pilot scheme to share classified cyber threat information with key security-cleared partners in industry, to help combat the threat of cyber attacks.
Commenting on the pilot scheme, Martin Sutherland, Managing Director of BAE Systems Applied Intelligence, said:
“Sharing relevant intelligence and information is an absolutely vital part of our collective security and the growth of systematic digital criminality means that this is exactly the right time for GCHQ to launch this scheme to share its classified cyber threat information. This initiative could well provide industry with a much richer and more valuable set of threat information than has ever been available to date.
“The constant evolution of the cyber threat and the development of new capabilities to steal intellectual property and other vital information presents a major risk to the foundation stones of our economy. This risk is also increasing because of the proliferation of technique and knowledge amongst threat actors, with new criminal groups acquiring the skills and capabilities to carry out highly sophisticated attacks for financial gain. It is therefore essential that we continue to improve the ways in which government and industry work together and we welcome this bold step by GCHQ to improve the quality of threat intelligence that the private sector has access to – it will help to protect consumers, businesses and the economy as a whole.”



Written by Dr David Bailey, Chief Technology Officer
Speaking yesterday at TM Forum Live! In Nice, Dr David Bailey, CTO for Cyber Security at BAE Systems Applied Intelligence, shared a platform with the Head of CERT-EU, Freddy Dezeure, and talked about the importance of integrated threat intelligence capability to security for all organisations, but especially those in the Telco sector.
David looked at the importance of threat intelligence, especially in the wake of some high profile cyber attacks:
"Threat intelligence is a vital component of rapid detection and recovery from an attack  - it gives compromised organisations the knowledge and confidence to react quickly and with precision to limit the damage caused by these breaches.
“If you look at the recent breaches such as those on Target and eBay, which have involved the loss of massive amounts of customer data, it is clear that a timely response is essential to maintaining customer confidence. Worryingly, we are now seeing evidence of follow-on campaigns linked to these breaches - for example, spammers are targeting eBay customers asking them to visit websites to check whether their credentials have been used in criminal activities – in the process harvesting more personal information and delivering malware to those users. This mirrors broader criminal campaigns where consumers are targeted for financial reward.
“GOZeuS and Cryptolocker, the subject of recent takedown activity by the FBI and the NCA in the UK, provide a real example of how threat intelligence can feed  into law enforcement to reduce the threat, and protect businesses and consumers. However, this is only a temporary reprieve - the NCA estimates that the network could be up and running again in two weeks. To manage the threat on a long terms basis, threat intelligence needs to be an enduring part of the way in which businesses conduct security for themselves and their customers."
David also focused on the steps that organisations can take to protect themselves, and the value of intelligence sharing:
"Information sharing, with bodies such as CERT-EU and partners, public and private, is essential but it is only part of managing the threat from state-backed groups, organised crime and activists. We advocate considering the whole lifecycle of threat intelligence, from planning and collection, through analysis and dissemination. We see this play out day-to-day in our role as a Managed Security and Cyber Incident Response provider.
“The link to the operational environment is key, and when done well, not only helps organisations protect their own information and systems but also help protect customer data and devices. This can open up important new revenue streams for service providers and security companies alike as we see more and more value add services which incorporate security and intelligence capabilities from the ground up."
If you are interested in learning more about the convergence between cyber crime and fraud and the relevance this has to the telecoms industry – or are attending TM Forum and might be interested in speaking to David Bailey – please contact Ben Maitland, PR Manager for BAE Systems Applied Intelligence on +44 7833 134 432.



Written by: Martin Sutherland - 19th May 2014
Martin Sutherland, Managing Director, BAE Systems Applied Intelligence on US Attorney General, Eric H Holder’s announcement earlier today around the indictment of five officers of the Chinese People’s Liberation Army for alleged cyber security breaches against six American victim entities:
“This really could be a landmark moment that has the potential to change the way in which we respond to the growing threat presented by digital criminality. We are constantly working to devise the most rigorous and comprehensive cyber defences possible, but there is little real deterrent against these crimes if the crime cannot be attributed to any individual or if those responsible are not brought to justice.

“Cyber crime is a virtual, but real crime that involves the theft of critical assets such as intellectual property, money or strategic plans which are vital to the success of both individual businesses and national economies. Were these acts of theft committed in the non-virtual world - if someone had been caught physically removing trade secrets from a filing cabinet - it is unthinkable that they would go unpunished. However, we have seen too many cases where crimes committed using digital technologies have proved over-complicated to prosecute effectively. This current case is encouraging and sets an interesting precedent for other countries combating digital crime.”




Written by: Martin Sutherland - 30th April 2014
A government commissioned survey released yesterday revealed that the financial impact on UK companies from cyber attacks has doubled in the last year, with the average cost of a cyber breach at a large company now reported to be between £600,000 and £1.2million. This follows the warning earlier in the week from Pete O’Doherty, the head of the National Fraud Intelligence Bureau, thatcyber crime has led to a surge in fraud offences, with seven out of ten reported frauds now involving a cyber element. This compares to around four in ten, five or so years ago.
The statement below from Martin Sutherland, Managing Director of BAE Systems Applied Intelligence sets out why this is further proof that the age of digital criminality has now arrived:
"The National Fraud Intelligence Bureau’s finding that seven out of 10 acts of fraud now contain a cyber element echoes not only what we are hearing from our clients on a daily basis, but also our recent research findings, which show that the majority (67%) of British businesses regard organised fraudsters as the group most likely to carry out targeted cyber attacks. The conclusion is becoming increasingly clear - we have now entered the age of digital criminality in which well organised and well funded criminal groups are using sophisticated cyber techniques to carry out theft and fraud on an unprecedented scale.
"The convergence of digital crime and financial crime is clearly going to be one of the greatest challenges to business, law enforcement agencies, and the security community over the coming years. In recent months we have seen in the attacks on major businesses, such as Target, the damage that this can cause; all the evidence we are seeing suggests that this is just the tip of the iceberg. Responding to this challenge is going to require us to work together more closely than ever before - sharing threat intelligence, and using the most advanced fraud prevention techniques to stop these attacks before they do real harm to businesses, consumers and the economy as a whole."



Written by: Martin Sutherland -  31st March 2014
Commenting on the news, Martin Sutherland, managing director of BAE Systems Applied Intelligence, said that highly sophisticated groups of adversaries – whether criminal or state-sponsored – are becoming increasingly well organised and developing ever more complex tools with which to attack their targets.
"There has rarely been such a far reaching menace with the ability to threaten every aspect of society – critical infrastructure, business, and the economy as a whole," he said.
“In the face of this, it is vital that the government takes a strong lead and provides an efficient infrastructure that allows the security community to collaborate and share vital information."




Written by: Martin Sutherland - 16th December 2013
Martin Sutherland, BAE Systems Detica, comments at the Times/BAE round table discussion on whether UK organiations are responding effectively to cyber risk:
"We are here to stop bad people from doing bad things." He said that people today accept online retailing, the mass adoption of mobile technology, using personal devices at work and a massive exposure of personal data.
He continues to say:
There has been an explosion of data and now a dependence on data. That is a business opportunity, but there is also a whole bunch of people using the exact same technologies for their own nefarious gain"




Written by Martin Sutherland and Adrian Nish - 13th December 2013
Martin Sutherland, Managing Director, BAE Systems Detica, commented:
“In our view, one of today’s most significant announcements is the plan to expand the Cyber Security Information Sharing Partnership (CISP) by doubling the number of members to 500 by the end of 2014. This trusted platform is vital in providing real time information sharing and to collate and enrich the information that’s been exchanged to enhance the UK’s cyber defences.
“Traditionally, governments and industry have taken a largely sectoral approach; where the UK’s CISP is unique is that it is a world-leading cross-sector initiative and exploits the commonalities between different sectors to share knowledge and raise threat intelligence maturity. Consequently, it allows a wider range of companies to benefit from the cyber knowledge it shares.
“A clear message is being sent that information sharing with industry is a key priority for UK government. Now that the activity has been catalysed it will be vital that it gains critical mass in terms of scale and is seen as a core element of a holistic cyber response that offers an appropriate level of protection for companies.”
Adrian Nish, a BAE Systems Detica analyst, who presented at the event, said:
“As an active member of the Fusion Cell of analysts of the CISP, we encounter an enormous range of threats each day. Yet, industry does have some advantages – all cyber attacks leave a data footprint and we can use the profile of these attacks to defend ourselves going forward. Where the CISP comes in is that by bringing details of various attacks together, we are able to build a bigger profile of what that threat looks like and are able to look at how to mitigate it.
“One recent example is where a company in the aerospace sector reported a compromised UK website and fed that information into CISP. It transpired it wasn’t a random attack, but one perpetrated by a particular known attack group. That information could then be briefed out to other sector members and the threat picture added to. Interestingly, academia also fed in information on this type of attack as they were seeing the same attack across universities. In this way, proper technical indicators from a range of sectors and contributors were looked at and actionable intelligence produced to counter the threat.”



Written by: David Garfield - 27 March 2013
“The launch of the CISP is a significant move catalysed by government in its bid to ask companies to share intelligence about what cyber threats they are seeing against them. When we look back in a few years’ time, this launch will represent a step change in the approach to threat intelligence sharing, especially between organisations that are typically competitors.”



Written by: Martin Sutherland - 7 February 2013
“Commenting on the Cyber Security Strategy of the European Union, put forward by the Commission and the High Representative of the Union for Foreign Affairs and Security Policy, issued today, Martin Sutherland, Managing Director, BAE Systems Detica, welcomed the strategy but stresses that, in terms of risk assessment and breach disclosure requirements, it is imperative that the strategy drives positive behaviour and information sharing about cyber risks rather than deterring honest disclosure for fear of reputational damage. He said:
“Implementing a cyber security strategy to formalise best practice for EU members and the businesses that European economies rely upon is an important step in combating cyber attacks that know no borders. The strategy will also support EU member initiatives already implemented, such as last year’s update to the UK government’s cyber security strategy.
“One of the most noteworthy elements of the EU proposals is that operators of critical infrastructures in some sectors (such as FS and energy), as well as information society services (such as search engines) and public administrations must adopt risk management practices and report major security incidents on their core services.
“It is vital that any legislation around risk assessment and breach disclosure should focus on the market behaviours that will be created; legislation on its own does not solve the problem and if not implemented carefully may drive negative behaviours. We need to be careful that positive outcomes and information sharing about the cyber risk is the result, rather than honest disclosure being driven underground by fear of reputational damage.
“In addition, businesses must remember that legislation only provides the framework to best respond to cyber attacks.  Firms need to take intelligent responsibility – that is the only way to respond to such an asymmetrical threat. It will be interesting to observe how the legislation, once ratified, affects market behaviour across Europe.”
View our cyber security offerings.
Media Contacts:
Natasha Davies, Head of PR and Media, BAE Systems Detica
Telephone  +44 (0) 20 7812 4274
Mobile:     +44 (0) 7787 297 831



Written by: David Garfield - 1st February 2013
The disclosure by New York Times that it has fallen victim to a Chinese cyber attack has generated a wave of concern about the ability of organisations to protect themselves against targeted cyber threats. According to BAE Systems Detica, prevention alone is no longer a viable security strategy – today’s news is a stark reminder to organisations that currently have no means of monitoring for evidence of on-going attacks against their business that they must always be vigilant, especially when it comes to sensitive information”
David Garfield, Managing Director, Cyber Security, BAE Systems Detica, comments:
“This cyber attack on the New York Times has the hallmarks of what we would class as a tactical intrusion – an attack triggered by an event which intelligence agents have an interest in collecting information on.
“As the New York Times article points out, traditional security technology such as firewalls and anti-virus do not stop these events. They were never designed to counter the type of bespoke targeted attacks by adversaries with a strategic interest in accessing an organisation’s networks.
“We have investigated intrusions, from similar origins, against media organisations - attacks devised to steal sensitive information such as correspondence around a specific topic of interest between journalists and their sources. These attacks aim to view the content of conversations, who the sources are, or what the next story angle might be. This type of activity is obviously an acute worry for any news organisation.
“Organisations shouldn’t ask what their security tools are telling them, but ask what they are not telling them; that can only be done by monitoring and analysing their networks for evidence of compromise. It is excellent work by The New York Times to discover this attack and in particular to disclose it in such detail; this should greatly help in the fight against our cyber adversaries going forward.”