KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
In her key note Hila Meller will explain how the new normal impacted by the Covid-19 global pandemic is reflected in the Cyber Security Space.
She will explain the changing threats in this new reality as well as the steps and strategies used by BT to globally adapt to the news ways of working, combined with a wider global view based on inputs and collaboration with large multi-national organizations.
In her key note Hila Meller will explain how the new normal impacted by the Covid-19 global pandemic is reflected in the Cyber Security Space.
She will explain the changing threats in this new reality as well as the steps and strategies used by BT to globally adapt to the news ways of working, combined with a wider global view based on inputs and collaboration with large multi-national organizations.
So let's start with a quick overview of BT security, who we are, the organization that I basically represent. So we are basically the security unit of BT, which used to be called British telecom, very large global telco company with more than a hundred thousand employees active in inherent in 80 countries. BT security has 3000 security experts and we have 16 global stocks. I will show you the map just right after that. One of the most important things you need to know about us, that we operate in a very unique way.
And we basically unified our security operations, our internal security operations, a group that we call protect BT and our external security operations services that we offer to our customers are both managed by the same group of people by, by BT security. And that creates a lot of synergies. Clearly there are a lot of similarities of protecting a large global multinational telco provider and protecting other global organizations.
We, we invest 60 million pounds every year in our security, R and D. So this is not our operational cost. This is just pure money that we put into our R and D in research around security. One of the hot areas that we like exploring is right now is around quantum key distribution.
So really looking at some very innovative use cases through our network and, and, and, you know, a network that serves a company that is active in 180 countries, where we are sometimes a critical national infrastructure where we are sometimes the network itself, we process more than a million events per second, and that gives us very good ring sites, it into the different threats and, and, and gives us very good input of threat Intel into our wider set of operations. Let's move to the next one that will show you the map of our cyber socks that we have around the world.
We have 16 of them and something very unique about BT is also that we invested a lot in our stock landscape in Europe. We have some big socks in Madrid, in Paris, in Frankfurt, in Germany, and we're now kind of increasing our presence in the, in Hungary with our Hungarian. So this is kind of not a typical thing for a global company to invest that much in Europe, but that, that comes because of a need, a demand that we have an ability to provide a services in different languages. Usually our stock operations follow a 24 7 model in which the same stock serve the same set of customers 24 7.
So we don't usually we don't do over the S just a dedicated, so that works with the customers. And to end, I mentioned this cause right now, this beautiful, you know, globe that you see on the screen, all of this, these people that we are in, all of those 16 socks are actually working from home right now. This was one of the first things that we did months. We started dealing with a COVID 19 pandemic. Let's move to the next slide and start talking about COVID enough enough talking about myself. Let's talk about COVID.
So if you look at the statistics, the statistics that are published, 94% of the organizations said that their, the pandemic impacted their cloud security strategy, and 35 mentioned that it actually accelerated their existing strategy and actions. And we probably, we we've seen the same thing also internally at BT. So let me share with you some of the things that we did immediately when COVID the outbreak began. So we really, we, we were asked to act very quickly, probably like any other person on, on this event today, right. Something happened and we had to react quickly.
I'm happy to say that we, we reacted well, right? So although we did things very, very quickly, we did them well. One of the first things that we did was to scale our VPN connections, to allow remote working from a few thousands a day around 5,000 on average to 80,000 on an average day, that means that the entire company, almost the entire company is remotely working, removed all those stock operations that I mentioned earlier to remote working. One of the things that actually enabled that to happen is our automation technology that we deployed earlier.
And the ticketing systems that really allow this transformation to home working of all of those complicated stock operations to take place very quickly without any major incidents or issues, our conferencing services, collaboration tools. We were just in the beginning of deploying Microsoft teams and from very low percentage of usage, we grew 10000%. And now all the all, all my day is just teams, meetings run after the other, like, I guess, many of the other people on, on this event today, we had to scale the network and we are right now working at 10 terabyte second per at the peak times.
And we also needed to change our approach to remote access. And one of the things that we did is also realizing that the risks kind of shifted now that we all work from home, the risks shifted the, the, the end station, the end point become a critical item to, to take care of. And also the people, the people are now working in, in an isolation, they're not surrounded by their colleagues and they need to make decisions on their own. So we accelerated our EDR deployment and right now have all of our computers covered.
And we also increased the amount of awareness sessions, encouraging people, for example, to turn on their human firewall. So they will not become victims of fishing and other attacks that I will talk about very soon. Let's move to the next slide. So what have we seen in terms of attacks and changes that happened with COVID 19?
One thing, very interesting, that happened to us that we actually didn't expect to be dealing with was that there were a lot of fake news and conspiracy theories around 5g. So BT actually, we found ourselves dealing with vandalism acts and some attacks towards our personnel because of fake news in conspiracies. So we had 13 sites in the UK that were burned or damaged by people that follow conspirator. And I think 39 technicians that were harmed or, or attacked by people. So really something not nice. And we were not expecting to deal with it.
We were able to identify 39 Malo families that were in use in that period that were linked to coronavirus or, or fishing attempts that were using coronavirus or, or pretending to be legit institutes that are part of the coronavirus fight in order to get trust and, and, and get people to click them and, and use them. So the coronavirus team is, is a very big one. We've seen fishing attempts, malware attempts, I'll show some statistics and examples later, but something that really cyber criminals realize that people want to know about it. They want to read the new, they want to receive updates.
And so they adapted to, to it and, and created a lot of attacks that seem to be legit messages from different organizations that are apart from the fight of coronavirus. As we geared up to deal with coronavirus and the new reality, we developed a few dashboards, dedicated dashboards that allowed us to deal with those new issues and specific spread Intel around those new threats. We deployed additional honey pots. I mentioned also earlier, we deployed quicker our EDR solution to cover all of our endpoints.
So we, we took really a quick step forward when it comes to threat Intel and EDR protection, VPN attacks. Another thing that we saw an increase as the entire world, not just BT moved to additional VPN access and remote working. We've seen an increase of the amount of attacks that targeted specifically those kind of solutions. And some of them are very, very sophisticated as well. Let's go to the next slide.
So there are some very interesting reports coming from NCSE in the UK, C S a in America, and they all talk about how criminal organizations are leveraging COVID 19 coronavirus themes in order to lure people to use their malware or phishing emails. So I have your examples, whether it's an SMS message containing a malicious link or a phishing website, and to be a government in Institute of the UK or an Italian email, pretending to be someone from the world health organization, but is in reality, a malicious email. So we've seen a lot of them. And these are just a few examples.
Let's move to the next slide. So this was about us BT, what we've been through, the kind of very quick step that we needed to take in order to react. Okay. And this is also what my customers are telling me.
We, we work with some large global organizations around the world and they share with us the same stories. They, they talk about an increased amount of attacks on some industries. The pharma industry, for example, is very suffering right now from increased attacks. They're talking about cultural changes, right? Working from home is a cultural change. For many of them. It also requires them to adapt new rules of engagement.
I, I have a few, I work with some organizations that limited the time in which emails are allowed or setting meetings are allowed onboarding new employees. It's a challenge, right? How do you onboard new employees when you're smart working that employees that might not even have seen their manager or, or, or peers, people that work with them in the same team, working conditions at home, that's another big team. And we've seen that as well.
And, and one of the things that we witnessed as we moved our stock operations to work from home was that not all of the people actually had the right conditions to have a home office in which they can work with. I mean, some of the people live live with flatmates, and it could be that the only suitable working environment is their kitchen table. And that's maybe a good case because in other, in other areas, we've seen also that in some of the countries, some of them are in Asia. It's common for big families to, to live together in one apartment.
And people might not even have a desk they can use in order to work remotely and do the job. So working conditions at home was suddenly something big that, that we needed to deal with. But also the organizations we work with security priorities are clearly shifting. There was a clear need to react very quickly and enable new ways of working and usage of cloud services and work life balance.
We, you know, we all work from home, but we work more and I get, I can say it about myself and probably about everyone joining the event today. So work life balance become a big, big theme for, for organizations. Let's move to the next slide. So what we see that is happening now, we all been through this react process, right?
We, we reacted very quickly in a few weeks time. Things started working completely different for us, and they've been like that for about nine, nine months now. So what is happening now is also some kind of a reassess process in which organizations realize, okay, that wasn't a quick one, this new reality is here to stay. And so that means that some of those activities and approaches that were used for many, many years now need to be reassessed.
And there could be some more strategic changes that need to be done, not just in order to react, but really adopt to a new reality that is here to stay. So people in wellbeing is, is a big thing. We talked about, you know, working conditions at home, allowing them to deal with some of the fears that they have, you know, once, once things get better a few months ago, and people started going back to the office, which where I live right now is no longer an option. Cause we are in a second wave and in lockdown. But at one point things got better. People started going back to the office.
We realized that some people are actually anxious about going back to the office and in some big cities where it's come to take public transportation, that's even added additional level of anxiety, technology, technological challenges, right. They're probably here to stay. And one of the biggest items that we see time after time after time is that when organizations like BT and others, when, when we reacted very quickly, we consumed budget. So in order to take care of that emergency plan, large portions of budgets were consumed.
So how do we plan now for the long term leveraging very little budget that is out there. And that means that investment decisions in cybersecurity need to be really, really smart and need to really take into consideration the long term benefits and, and how new strategies can really be aligned with what is being spent right now, risks are changing and managing. I mentioned it earlier. We realize that people are now even a bigger risk than before, because they're isolated. They cannot consult with colleagues. So this is a risk that needs to be addressed in an incremental way.
Endpoints remote connectivity, right, is increasing risks compared to how we used to work before. So as a result of this reassessment, we also realize that in some cases, organizations are now almost like reset their entire strategy and policy. And they're BA creating from almost like a new baseline for their work plans, strategic planning, and, and investment plans for their cybersecurity approach. Let's go to the next slide.
So I, I guess now for us, it's an opportunity to rewrite the rules, right? We, we reacted, we reassess it.
We, we reassess the situation. Now it's about rewriting the rules and the plans. What happened with COVID is that security teams reacted very quickly, right? In a week or two people moved to working from home. Things were done completely differently. Organizations now understand that this is possible and they expect to happen on a regular basis. So that's an opportunity for us to shine as an enabler, right? Make security as a, as an enabler that allow organizations to be successful. And that means that security must be flexible and support the business, right.
Instead of saying no and throw things down, we can be the enabler and, and cloud security as organizations now move to the cloud even quicker than before knowledge and visibility are key elements to do it successfully. Human factor, human factor remains an important risk and an item to be addressed. So education and awareness are still key activities to address. So I will pose now cause I'm 19 minutes into my session to allow us one or two minutes of questions.
