Skip to main content

Former TalkTalk chief flags legacy kit as security risk

LIVE FROM INFOSECURITY EUROPE, LONDON : Dido Harding, former CEO of UK multiplay operator TalkTalk ( pictured ), warned against failing to decommission legacy systems following M&A, blaming her old company’s lack of action for a devastating data breach in 2015. Harding told delegates robust systems and immediate honesty with customers were central to protection against attacks, and minimising reputational damage if hit. During 2015 TalkTalk was the target of one of the largest data breaches in the European telecoms sector, with over 150,000 customers impacted and stinging attacks from officials and the media. Following the incident there was an exodus of customers and its share price dived to a level the operator has never really recovered from. It was also hit with a then record £400,000 fine from national data regulators. “The impact was enormous reputationally and financially,” Harding stated and, although she believed the company hadn’t done enough to protect itself before the hack, it was “not a company that didn’t take cybersecurity seriously”. She added the foundation of the company, built through M&A activity, meant it had inherited a number of old systems, many unused for years but not decommissioned: “It’s the legacy that gets you,” Harding warned. Reputation Harding told the audience the biggest risk was reputational, which was her justification for informing customers within hours of the attack through publicity in broadcast media, email and social media. Although widely criticised for her stance at the time, including by the police, Harding said she believed being “honest about it” was the best way to regain customer trust. The former executive said three months after the incident TalkTalk’s churn rate was lower than prior to the attack and in its own feedback data more customers stated they would recommend the company to a friend. These metrics, she added, were due to its approach in the immediate aftermath. However, its improved churn rate and satisfaction rates would have excluded the customer exodus immediately following the incident. Board battle Other advice given included: ensuring clear communication channels between executives and technical staff; and ensuring the board are asking the right questions about potential vulnerabilities. “Cybersecurity is a board decision,” Harding said, adding: “Still no board is asking the right question. Are we OK? The answer is no. None of us can give 100 per cent security. We should be asking what are the risks.”
Labels:

Comments

Post a Comment

Popular posts from this blog

Bureze Security News for 07-04-2018

Security Systems, Surveillance Cameras, Cellular Communications A professionally installed security system will help protect your business, employees, and property. With affordable add-on options, you can remotely control your system, as well as lights, door locks, thermostats, and more. You can even add video cameras, and view or record them on your smart phone. One system provides protection and remote control for your business. Sterling Security Systems, a locally owned company founded in 1993, offers far more than parts.  Sterling Security is an authorized Bosch & DMP dealer. Our technicians are factory trained and certified in the installation and service of Bosch & DMP equipment. Sterling Security Systems alarm monitoring centers provide protection around the clock, every day of the year. Our state-of-the-art alarm monitoring centers are so sophisticated they automatically back each other up in Fast Alarm Response Times Always On-Ca...
1 comment
Read more

Bureze Security News for 04-29-2018

[embed]http://www.youtube.com/watch?v=9XLLo0025Jc[/embed]Security...or Surveillance? The Edward Snowden Interview Closed-circuit television In recent years, the use of body worn video cameras has been introduced as a new form of surveillance, often used in law enforcement, with cameras located on a police officer's chest or head. Video surveillance has generated significant debate about balancing its use with individuals' right to privacy even when in public. Special cameras for some of these purposes include line-scan cameras and thermographic cameras which allow operators to measure the temperature of the processes. With the addition of fixed cameras for the active traffic management system, the number of cameras on the Highways Agency's CCTV network is likely to increase significantly over the next few years. The cameras send the feed to a central control center where a producer selects feeds to send to the television monitors that fans can view.  New York C...
1 comment
Read more

Security company in Bellevue vandalized

BELLEVUE, Neb. (KMTV) - An Omaha home security company based out of Bellevue is using its own camera to help track down a thief who stole items from outside their building. Chris Malmberg, the owner of Omaha Security Systems Inc. says an unidentified man stole nearly $300 worth of landscaping Sunday night. "The motion sensors went off and I got a notification on my phone that he was there. We saw him take the plants, we watched him drive away and then immediately contacted police," said Malmberg. "He was real nervous, but he ended up stealing shrubbery, Hosta plants, I mean - never in my life have I ever known somebody to steal landscaping." Malmberg said the plants could be replaced, but what's frustrating is that this is one of several vandalism incidents his business has experienced since OSSI moved into the building near Jefferson and Mission Ave. "We've had vandalism, we've had items stolen, or attempted to be stolen, with the security that we...
Post a Comment
Read more