Talk Talk. Lets talk security.
Budget, Complexity, Security.
Normally, the customer has confidence that their data is safe from malicious attacks on the internet.
While Talk Talk will certainly have a security budget to strengthen their defences against attacks they are still at risk, and as networks expand new vulnerabilities arise which introduce new vulnerabilities which can give the attacker the opportunity to comprise the network.
Talk Talk’s business has seen massive growth in recent years increasing its customer base and as demand for their services increase investment is needed to implement new infrastructure to keep up with the demand on their services .
Although investment is normally required to acquire new tech to protect our assets from the current threats common mistakes such as misconfigurations and forgetting to setup the correct type of security can result in vulnerabilities. This can be due to the lack of understanding when it comes to configuration or deadlines are unrealistic resulting in shortcuts being made when configuring devices.
In recent developments the head of Talk Talk received a Ransom Email days after the attack, no doubt asking for money in return for the information that was stolen.
So what can be done to increase security?
No security is 100% however we can reduce the risk by following a few basic practices:
All businesses that use the internet for business have a duty of care to ensure they are protecting assets they hold (On site or Cloud based)– especially if the data stored is sensitive – such as customer information.
It’s becoming more important than ever for businesses to ensure that periodic vulnerability scans are carried out every year as well as a more aggressive penetration test to performed by a third party to identify that the network has sufficient protection.
Social engineering is a massive part of Hacking so educating employees is key. This can be achieved by using a new service we provide at SafeHack uk called a simulated Phishing Attack.
It’s not. Will I be attacked, it more the question of when? So don’t leave it to late and reduce the risk of attack to your business. If you would like to find out more information then please drop us an email or contact us.