TalkTalk: The twists and turns of the cyber crisis continue

iStock_000006935624_LargeThe story of the TalkTalk cyber crisis and the company’s response continues to unfold as we saw inevitable outrage over the week-end with stories galore of customers with “potentially hacked bank accounts” raising a whole new raft of rumours, heating the debate and breeding more noise about what might have happened and just how great the impacts may be.

The story was moved by the CEO (quite cleverly) to the broader focus of “cyber risk is a wider problem the UK needs to face up to and address” with calls for more Government support to tackle cyber crime.  A fair appeal and one raised by me in my earlier blog – regulation and control or assurance in this domain is very much required –  even though challenging to apply in a reasonable manner. Continue reading

Talk Talk – a network hack by any other name

talktalk-cyberattack-hack-bank-card-detailsTalkTalk is the latest in a long line of high profile businesses to undergo a ‘cyber attack’ as they call it.  A real pattern is emerging of how these matters are managed in the public domain and it is interesting to note there is no use of the dreaded “hacked” terminology in their reports and messages.

They are now in that incredibly tricky position of knowing intruders have been in – but not being quite sure what they have left with in their bag of electronic ‘swag’.  It is now that the executive team discover just how convoluted the investigations can be and the awful fact that there is the potential to never know exactly how they got in or what was taken.  At a time when everyone is seeking certainty, the challenge of a cyber crisis such as this is that conducting investigations as to where hackers have been on your network, particularly if it is integrated across key platforms, can be a very, very long process. It can be quick if fortune smiles on you but there are no guarantees. Continue reading

Cyber Security and Business Continuity: The stats & the steps

National Cyber Security MonthAs the relationships between businesses and customers move increasingly online, last week’s denial-of-service attack on HSBC was a stark reminder of how dangerous cyber attacks have become. ICT continuity has quickly risen to become a top business and policy priority, and essential to safeguarding organisational survival.

Most organisations, regardless of size or sector, are dependent on their ICT infrastructure to deliver products and services. Any disruption can negatively impact operational capability, and by extension, do damage to reputation, profitability and even potential for future growth.

Continue reading