The TalkTalk cyber-attack fiasco and data outsourcing
by Jeremy Coward
After being subjected to a cyber-attack, which resulted in the theft of the private financial information of up to four million customers, the fiasco surrounding TalkTalk and its data security continues.
Most recently, police arrested a 15-year old boy in Northern Ireland in connection with the crime. The week before, TalkTalk claimed it had received a ransom demand from an organisation, suspected by the Metropolitan Police cybercrime unit to be Islamic extremists.
Unsurprisingly TalkTalk shares fell sharply after the telecoms group reported the attack. They have since jumped back by 9 per cent since news of the arrest in Northern Ireland came about.
In February, TalkTalk took legal action against a third-party supplier after a similar breach that led to the exposure of customer data. However, when writing for Sourcingfocus on the subject of outsourcing to manage security risks, Csaba Krasznay, product manager at BalaBit, suggested this sort of case is an anomaly.
He argued that an increasing number of companies are outsourcing IT and data responsibilities precisely in order to vamp up cyber security, and suggested how this might be done:
“An approach which organisations are adopting in order to close the blind spot of traditional security monitoring tools and uncover risks that many security tools cannot identify, is through the use of examining a user’s behavioural patterns. This is carried out through analysing how we interact with IT systems which can leave a recognisable fingerprint that can then be detected.”
For weekly news updates, subscribe to our email newsletter.