Getting these (cyber security) basics well covered will thwart over 90% of all cyber attacks - without breaking the bank.
New York, NY (PRWEB) April 12, 2013
While intellectual property theft or the compromise of other important ESI (Electronically Stored Information) related to the inner workings of a business can be devastating in their own right, nothing quite compares to the madness that follows when a retailer loses control of their customers’ data, especially actual credit card information right from a POS (Point of Sale) system. Schnucks, a St. Louis-based privately held supermarket chain with almost 100 stores across the Midwestern US, is the most recent victim of hackers to find themselves in full damage control mode after making headlines because of just such a cyber-heist. Joe Caruso, founder and CEO/CTO of Global Digital Forensics (GDF), took some time to discuss how both the chances of thwarting a data breach, or surviving the fallout should one occur, can be substantially increased with the right solutions in place.
When trust and integrity are shaken, it can be a long road back.
“Judging human behavior can often be a real puzzle, but sometimes it’s not mystifying at all. You could be told a hundred times as a child not to touch the stove because it’s hot, but did the lesson really sink in until you actually did touch it and got burned? Probably not. But once you did finally experience getting burned, the lesson stayed with you; beware of hot stoves. When your customers get burned by hackers because of a transaction they completed with your business, it works much the same way. It’s a painful lesson they will not soon forget, and to them, you become the evil hot stove they want to avoid at all costs. They’ll also tell their friends, family and anyone else who will listen to stay away too. And that does not bode well at all for future success. But with the right approach, like a pre-planned lightning fast response, timely disclosure of the actual facts behind the incident, and appropriate mitigation steps, it’s not an insurmountable task. Because in the end, everyone is still going to need to use a stove, the trick is convincing your customers, with deeds and facts, not empty talk, that you identified the problem, fixed it, put additional safety measures in place to keep it from happening again, and above all else, prove to them you have their concerns at the forefront of your own. Those are all the boxes we help business check off every day and keep them in the game.”
Do not neglect the basics
“The very first thing every business owner, executive or manager should know is that in the world of cyber security, covering the basics can go a long way. And it saddens me, frustrates me and even scares me sometimes when we get called into a company for the first time and all we get is the sound of crickets when we start asking basic questions about what kind of security measures are in place. It’s almost like a cyber version of Kitchen Nightmares, except it’s not a disgusting refrigerator with rotten food that provides the shock value, it’s how absolutely vulnerable their most vital digital treasures are, how haphazardly their customers’ most valuable and personal information is handled, and how oblivious even owners with everything on the line can be about just how much risk they are shouldering and how far they will fall if the cross-hairs of a cyber attacker should happen to land on them. But we are just as determined to help our clients and we turn over every stone to help them get their “kitchen” in order so they can succeed in our digital world.”
What can Global Digital Forensics do to help businesses deal with data breaches and cyber attacks?
“It all starts with a comprehensive cyber threat assessment and penetration test. Our cyber security experts will assess the clients entire digital landscape, from in-house policies which may be outdated, or even worse, non-existent, to any unique regulatory compliance issues they may face. Then we will perform a penetration test, which is basically attempting to hack a network the same way a real-world attacker would, which is a very effective way to provide a baseline for improving cyber defenses on all fronts by identifying all the weak links in the chain. Our testing also includes a social engineering component which we tailor to the client’s unique situation to test for weakness and susceptibility to things like USB launched attacks, phishing and spear phishing campaigns, and other popular methods used by cyber attackers. Getting these basics well covered will thwart over 90% of all cyber attacks - without breaking the bank.”
But what if an attack occurs anyway?
“GDF has experienced and savvy emergency incident responders strategically positioned across the country which allows us to execute cyber emergency response with times unrivaled in the industry. We can also offer “no-retainer” Service Level Agreements for emergency cyber incident response services after we have done the client’s threat assessment and penetration testing for them because we’ll already know the intricacies of their digital infrastructure and data workflow, we’ll know who to work with internally, and we will have already ironed out a detailed emergency response plan which can be instantly executed. And it’s designed to not only respond to and remediate the threat itself, but also with a strong focus on regulatory compliance issues and disclosure responsibilities, so any negative fallout is kept to an absolute minimum and nervous clients, vendors and investors stay confident everything that can be done for their protection is already being done and shown to them in precise detail in black and white should they desire. The other great thing for the client is they won’t have to pay us one additional red cent to have our professional responders on call if there is no cyber incident emergency.”
"When it comes to cyber security, an ounce of prevention is worth a lot more than a pound of cure, it could mean the difference between long term success or total failure for any business, so is it really worth leaving the future to pure chance? One call can make the difference."
*Global Digital Forensics is a recognized industry leader in the fields of cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a plan which will meet your unique needs. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to get help. For more information, visit http://www.evestigate.com.