14 DAY TRIAL // British Airways was in talks to transfer part of the company's security services to IBM at the beginning of August 2018, while still keeping security operations services within the company according to a leaked memo on The Register's forums.
This happened a month before the company suffered a severe data breach between 21st August and 5th September, which lead to more than 380.000 customers payment card data being stolen after BA's apps and website were attacked.
"Internal and external reports undertaken highlight that further investment is required in cyber security across IAG to provide a group-wide strategic and proactive approach," said BA's Group IT Service Effectiveness Manager, John Hamilton.
The BA manager also stated that "We have therefore outlined proposals to set up a Cyber Security Office and transfer the services of Cyber Security to a third-party partner, IBM, as a managed service to cover all cyber security services required to support IAG and its OpCos."
The recent data breach incident follows two more critical IT incidents from last year
Hamilton, also says in the memo that the proposal was already approved by the British Airways Management Committee (MC) so that the consultation process could start between the company and IBM.
The move was a direct result of the increasing security threats faced by most organizations around the world during the past year, and, possibly, to a lack of highly qualified staff of security experts on British Airways' payroll.
The British Airways data breach comes after two other IT incidents from 2017. The first one from May was a computer failure which brought down BA's Heathrow airport entire network and kept more than 70.000 customers stranded for an entire weekend.
The second happened in July 2017, when British Airways had to both delay and cancel numerous flights from the same London Heathrow airport because of malfunctions within their IT systems.
British Airways has not yet provided any information on how their systems have been breached due to a still ongoing investigation by the police and a number security experts but has assured all their customers that all needed measures to prevent further loss of customer data have been taken.