TalkTalk Reveals that it Still Doesn’t know How it was Breached

By   ISBuzz Team
Writer , Information Security Buzz | Nov 04, 2015 05:00 pm PST

Chaos reigns at TalkTalk as the telco appears to be claiming that a distributed denial of service (DDoS) attack led to customer data being compromised – despite that being technically infeasible. A contradictory series of claims in a TalkTalk statement has suggested the company does not understand the security issues it has faced. Richard Beck, head of cyber security at QA have the following comments on it.

[su_note note_color=”#ffffcc” text_color=”#00000″]Richard Beck, Head of Cyber Security at QA :

“Talk Talk’s latest customer statement highlights the challenges an organisation can face when it has been the victim of a cyber attack. In the initial aftermath of any serious incident it’s not uncommon for information to be misinterpreted, missing or simply wrong. When it comes to cyber security the pace of change is so fast that it can feel like an almost impossible task for IT teams to keep up. In an era where it’s most likely that a cyber attack will occur, the important thing is that organisations have in place a solid plan of action (which all the key stakeholders are signed up to) and that the IT teams are as up to date as possible with the latest threats, and ways to mitigate against them should they strike.”[/su_note]

[su_box title=”Richard Beck, Head of Cyber Security at QA” style=”noise” box_color=”#336588″]QARichard Beck is Head of Cyber Security at QA, responsible for the entire Cyber Security portfolio. He works with customers to build effective and successful security training solutions tailored for business needs. Richard has over 10 years’ experience in senior Information Security roles. Prior to QA, Richard was Head of Information Security for four years at Arqiva, who underpin 20% of the UK’s Critical National Infrastructure. Richard also held Security and Technical Management posts at CPP, GEC, Pearson and the Royal Air Force. Richard sits on the IBM European Board of Security Advisors and previously chaired the Communication Industry Personnel Security Information Exchange (CPNI).[/su_box]