You name your company the same as a 80s/90s band whose last album (1991) was called “Laughing Stock”.
For some reason, as yet undisclosed, you store all of your customer details, past and present, in the buff, unencrypted (accessible through your clearly vulnerable) Internet-facing web servers.
No matter the root cause, which will be forthcoming in very exquisite detail, you have to ask yourself did the IT infra folks at TalkTalk know about their exposure? Do they do vulnerability management? Do they do risk assessments? Do they understand what might go horribly wrong?
Four million customers have had their names, addresses and bank account details lifted. Over five percent of the UK population. In fact, TalkTalk are struggling to quantify the breach.
This is not acceptable.
ITC advocates a ‘crown jewel’ approach. Protect what is important to you by assessing the risk, the likelihood of compromise and the impact to your business. Unless you do this you cannot plan your investment.
If you do not know what you are vulnerable to, you have no hope of protecting against compromise or quantifying your risk. ITC’s straightforward five steps to security helps to bring this into focus.
If you would like to discuss how ITC can help you make really important security decisions, do give us a call on: +44 (0) 20 7517 3900
