Written by Dave Stelzl CISSP

Interview with CBS on Recent Hacking Issues and Lax Security

Despite Hacks…People Still Don’t Take Action.

Earlier this week, CBS correspondent Candice Leigh Helfand interviewed me for an article,

Despite Hacks: Info Leaks, Americans Still Lax On Digital Security.

In the wake of Target and Snapchat news just a month ago – CBS-DC wanted to know what to expect in the coming year, and where companies need to refocus.

Target Hacked!

The Target case is interesting because it’s not an online hack!  Just around the holiday peak shopping season, “Target disclosed that encrypted debit-card PINs, credit and debit card numbers, card expiration dates and other bits of sensitive information were stolen from millions of customers (around 40 million) who shopped at the retailer between Nov. 27 and Dec. 15 of last year.”  Wow! How did that happen?  They got it all – PINS too.  By Tampering with credit card swipe machines.

Snapchat Hacked!

The Snapchat hack is another story – only “4.6 million of its users”.  But the news here is that it happened right after, “Security experts warned the company at least twice about a vulnerability in its system.”  In an earlier post I mentioned that I’m speaking on these topics in Chicago next week…but I know several of the executives invited responded back (as they always do), “I don’t get involved in that stuff”…that’s exactly the problem.

When business leaders don’t have any involvement – or take the time to understand, you end up with a Snapchat.  In fact, just after TJX was hacked, losing around 100 million credit cards, I met with several security teams that had called on TJX companies – getting the same response.  Even worse, one of them tried to tell TJX that their wireless networks were accessible from outside the building!  Did they take action?  No.

In the linked news report, Candice writes, “Security experts say it’s the second-largest theft of card accounts in U.S. history, surpassed only by a scam that began in 2005 involving retailer TJX Cos.”  In other words, this is a big one and it will be costly.

The need is there – the problem is getting through to the right people to educate them on the need.  The impact vs. likelihood model I present in the House & the Cloud has been the most effective means of doing this.

© 2014, David Stelzl

Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s