BT Security CEO: We’ve Learned The Lessons From TalkTalk Hack

Wi-Fi Coffee Laptop © Sergej Khackimullin -

INTERVIEW: BT Security chief Mark Hughes explains how BT protects itself against attacks, how Brexit impacts skills gap and why firms should trust telcos

Skills gap

Earlier this year, BT Security created 900 new jobs, including 170 graduates and apprentices who wil be trained at the BT Security Academy in areas such as physical security, penetration testing, threat intelligence, risk management, security operations and sales. Most of the positions will be in the UK, at BT’s operations centres in London, Sevenoaks and Cardiff, but others will be located in Europe, the Middle East and Asia Pacific.

EU Brexit referedumBT already has 2,500 security staff but the company is concerned about a potential skills shortage in the field.

“We attract a lot of talent and we are the largest UK employer of cybersecurity skills,” Hughes said. “[But] there’s a finite number of skilled people out there. We look at existing technical skills in BT and retrain people.”

BT looks at specific universities and degrees such as computer science and cryptography and also holds initiatives like the cybersecurity challenge.

Hughes spoke to us before the EU Referendum but was clear that a vote to leave would be a bad thing – not just in terms of attracting talent to the UK but also sending British staff abroad.

“Anything that would lead to our ability to recruit from global marketplace would not be a good thing, given the skills shortage at the moment,” he explained. “We also have a big demand for skills in [certain countries]. Some staff have to be in other countries too.”

Why a telco?

When it’s not protecting itself, BT is trying to sell security products to consumers in the form of antivirus software and to businesses and multinational corporations through its business and BT Global Services units.

computer securityBut why would they buy their security services from a telco? IT managers are surely capable of picking and choosing the best in class products from a choice of vendors rather than being locked into whatever partnerships their provider has agreed.

Hughes claimed it’s because BT can use the insights from its network and determine what the best combination of products is. If a product doesn’t exit, BT’s research and development team can try and fill in the gaps.

Partners include Intel, Checkpoint and the Mike Lynch-backed UK firm Darktrace, but Hughes said BT is always looking at new technology.

“A lot of what we see is generated from the network,” he argued. “We have a lot of insight to give [customers] an idea of what’s going on. Even for the largest companies in the world, the amount of tech out there is a huge conundrum.”

“We can help make sense of what’s out there. The technology might be great but ultimately it’s the service that counts. We are probably the largest [security] provider in the UK but we want to be more well known.

“I don’t just resell it, I package it and sell it as a service.”


The market for security services is much bigger than it was even just a decade ago and with companies becoming increasingly digital and dependent on technology, this is likely to continue. BT itself is changing with the £12.5 billion acquisition of EE and the Internet of Things (IoT) means millions, if not billions, of devices beyond the PC will need protection.

Cloud too, is also seen as an opportunity for BT because security is one of the biggest barriers to adoption.

“Everyone is digitising in their own way,” said Hughes. “We have mobile offerings that improve security on mobile devices. We have an M2M division at BT, I look very closely at it. We are looking at ways of how to help people protect their cars before they are released to the market.

“The threat 10-15 years ago was quite nascent. The industry, and our approach to it has evolved. Back then there wasn’t a need for what we have now.”

Quiz: What do you know about BT?