BAE Systems Detica SEES CYBER GROWTH
By Yvonne Headington
06 Nov 12. BAE Systems Detica’s state-of-the-art Cyber Operations Centre has the futuristic feel of a Bond film set. Most things at the company’s new London premises, located within Southwarks’ Blue Fin building, are done by touch screen – and that includes signing the visitor’s book (or ‘pad’ to be precise.) No wonder this avant-garde office complex was used to film the recent BBC spy-thriller series Hunted.
All this is a far cry from the room above a chip shop where founder Bruce Smith established Smith Associates (as the company was originally known), in the 1970s. Since then the Company has repositioned from a largely Defence-focused scientific research enterprise into a specialist IT consultancy working in both the public and commercial sectors. Following the name change to Detica in 2001, the company was floated on the London Stock Exchange and subsequently acquired by BAE Systems in September 2008.
Detica is now part of BAE Systems’ Cyber & Intelligence business which in 2011 accounted for 7% of the group’s overall sales. With offices in Europe, Asia Pacific and the US, Detica employs 2,500 people and last year generated revenues of some £300m.
The BAE Systems acquisition has been “nothing but a very positive step” said Tom Burton, Detica’s Head of Cyber Security Services, during a briefing at the Company’s London offices on 26th October. BAE Systems provides “a very solid balance sheet and the ability to invest” Burton added. This investment has enabled the Company to expand its key markets, which include: intelligence and Defence, law enforcement, Government, critical national infrastructure, telecommunications & media and financial services. Although Detica maintains a strong Defence business, in terms of both cyber-related activities and within the broader Defence and aerospace sector, the Company is not driven by the cyclical nature of Defence expenditure. Defence cuts “don’t have a strategic impact on BAE Systems Detica” said Burton.
Cyber security has been Detica’s fastest growing business in recent months, particularly within the UK and mainland European markets. The demand has been led mainly by commercial enterprises which are experiencing “wholesale intellectual property theft on a global scale” said Burton.
Burton painted a vivid picture of how increasingly sophisticated cyber attacks are conducted with military precision. First the infiltrators scan an organisation’s system, returning a while later in order to target something specific. Burton described how such activities are highly organised, deploying a range of capabilities from foot soldiers to specialist task groups. Burton explained how one can detect a higher degree of training and experience during the progress of an attack “as though the Private soldier…has been moved to one side and the Sergeant’s gone in, in order to close the deal”.
Treidan® is the Company’s showcase cyber security product which monitors and identifies malicious activity in order to prevent the perpetrators from achieving their objectives. Detica’s approach is to harvest activity information in order to “spot those behaviours that just don’t look quite right” said Burton. This material is collected from a variety of sources, including probes that monitor the flow of information through customers’ networks from the internet. Having established patterns of suspect behaviour, analysts can then rapidly identify those that are of concern and those that are benign. The Company’s Guildford centre currently has 15 customers and Detica analysts deal with some 2,500 alerts each day. These alerts usually result in about 200 ‘tickets’ being assessed as suspicious, leading to between six to 12 genuine security incidents.
Burton conceded that supply chain issues are difficult since without mandating a level of protection across the whole supplier network, they are difficult to control. Even then “how far do