Technology that detects. People that defend. Breach of defences Serving the needs of more than four million customers – TalkTalk is one of the UK’s biggest telecoms providers. Following the cyber attack, TalkTalk had to quickly navigate through a very complex and fast-moving environment. TalkTalk not only had to understand and remediate its technical estate but also manage the cultural impact of a cyber attack, on its customers as well as on employees. These were uncertain times… …and TalkTalk needed a responsible partner that could trust to help them navigate the situation, not just any security vendor. “Urgency and criticality of the situation meant that teams had to come close...

Technology that detects. People that defend. Breach of defences Serving the needs of more than four million customers – TalkTalk is one of the UK’s biggest telecoms providers. Following the cyber attack, TalkTalk had to quickly navigate through a very complex and fast-moving environment. TalkTalk not only had to understand and remediate its technical estate but also manage the cultural impact of a cyber attack, on its customers as well as on employees. These were uncertain times… …and TalkTalk needed a responsible partner that could trust to help them navigate the situation, not just any security vendor. “Urgency and criticality of the situation meant that teams had to come close quickly”, says Phil Clayson, TalkTalk’s Technology Director. 3 // 8 Technology that detects. People that defend. Transformation TalkTalk, working with BAE systems, adopted a two pronged remediation program – get well and stay well. Just as the human immune system continually adapts to new forms of threats, organisations today need to become more cyber resilient to keep up with the pace of change. Get well “The BAE team that landed just after the attack were experts in cyber – no question,” says Phil. “Very quickly, they helped us better understand our technical estate and what needed to be done – starting with identifying and tracking our business applications.” TalkTalk’s growth by acquisition had resulted in a number of duplicate and legacy applications, tools and services. The BAE Systems Incident Response team worked alongside TalkTalk colleagues to identify and map the number of applications – an early estimate of 350 doubled in size just a week later –in order to understand the breadth of the technology portfolio and provide comprehensive remediation actions. Stay well “This is where BAE Systems added enormous amount of value”, Phil continues. Working together, BAE Systems did a complete audit of TalkTalk’s software estate - more than 1000s of various software, and hundreds of (legacy) applications, accumulating huge tech debt over a number of years. Businesses today are worried about cyber security and rightly so, however, technology stability is a broader business issue that could impact trading risk. Business leaders should invest in modernising their technology stack and decommissioning old technology because of the cyber risks it poses. BAE Systems helped TalkTalk to identify the benefit of streamlining its technology infrastructure to ultimately improve its security and risk posture and support the business to become more agile. The two teams meshed tightly together and led TalkTalk to simplify its technology infrastructure and identify weaknesses to ensure that a similar attack couldn’t succeed elsewhere.