• Group unveils tailored managed security services to support software giant’s SIEM product.
  • More new offerings on way to support Microsoft cloud applications.

BT guards Microsoft Azure Sentinel

BT guards Microsoft Azure Sentinel

Source: Microsoft

A closer relationship between BT and Microsoft, unveiled this week, ticked important strategic boxes for the UK-headquartered Group.

On the one hand there is tighter collaboration with a major public cloud provider — something which Neil McRae, BT Group Chief Architect, is especially keen on (BTwatch, #305 and passim) — and on the other there is greater visibility for both its cybersecurity capabilities and BT Security Advisory Services, a new unit unveiled in March 2020 (BTwatch, #311).

As part of the agreement, BT launched what it called a “new range” of fully managed security and advisory services to support Microsoft Azure Sentinel, a data analytics tool to guard companies against cybersecurity attacks.

There is promise of more collaboration to come. BT said the Azure Sentinel hook-up was the “first in a series” of managed security services that it will offer to support Microsoft’s cloud-based applications. More details are expected later in 2020.

Guarding the guards

Azure Sentinel is Microsoft’s cloud-native play in the security information and event management (SIEM) market. SIEM software products are designed to gather information from different sources, such as operation systems, applications, and different databases. The large quantities of data are then constantly analysed for anomalies and any other signs of a security incident. As part of the Microsoft Azure cloud computing platform, Azure Sentinel differentiates from other SIEM products in that it is integrated with Office 365 and other Azure offerings.

BT’s role is to provide a managed service for both Azure Sentinel’s SIEM product and its security orchestration automated response solution. The service includes alert detection, threat visibility, and threat response. Protection of this sort is evidently enabled by combining data from the Azure Sentinel workspace with BT’s “own expertise and extensive threat intelligence gained from protecting one of the world’s largest global networks”. BT’s 16 Security Operations Centres are tasked with monitoring data “ingested” into a customer’s Azure Sentinel workspace.

BT Security Advisory Services is on hand to offer “expert guidance” to help organisations get to grips with cybersecurity requirements.

We’re pals, we are

BT, evidently proud to be seen as a close buddy of the software giant, deftly added in the Azure Sentinel announcement that it was one of the first Managed Security Service Providers (MSSP) to have been selected for the Microsoft Intelligent Security Association (MISA).

Launched in 2018, MISA has built up a security ecosystem, mainly with independent software vendors, which have integrated their solutions with Microsoft. In July 2020, Microsoft launched an invitation-only pilot programme for ‘select’ MSSPs.

Advisory role

BT launched Security Advisory Services in March 2020 . The new practice, which BT flagged as “ongoing expansion” of its cyber security capabilities, offers “strategic security guidance and solutions to organisations across the globe”. The initiative is led by Tristan Morgan, who seems to be a rising cybersecurity star at BT. In late 2019, Morgan took on a new role as Director of Global Security Consultancy & Cyber, which was an add-on to his existing position as Director of Portfolio & Delivery at BT Security (BTwatch, #308). Morgan has some 300 people under his wing at the new practice. Target customers range from small- and medium‑sized enterprises through to multinational companies and public sector organisations. BT Security’s ‘ethical hacking’ team, which uses the same tools and techniques as cybercriminals to attack organisations’ defences and identify vulnerabilities, are part of Security Advisory Services.