These days, it seems that hardly a week goes by without the media reporting news of some type of data breach.
Sadly, cyberattacks have become a regular occurrence for many organizations, and everyone from governments to major banks and retailers has been impacted. For some, the fallout can be devastating.
When thieves gained access to Target’s internal customer data in 2013, an estimated 40 million credit and debit cards were compromised. The well-publicized breach cost the retail chain upwards of $148 million, factoring in claims-related payouts, legal fees and additional security upgrades. In the immediate aftermath, Target saw a 46% drops in profits. The company’s CEO and CIO both later resigned.
Home Depot experienced similar repercussions when hackers gained access to its systems through custom-built malware. Fraudsters stole data from an estimated 56 million payment cards, costing the company upwards of $62 million.
With breaches of this size and scale, there’s also collateral damage. Banks and credit unions that work with impacted businesses also take a financial hit because they’re forced to replace millions of cards.
The bottom line is that security vulnerabilities are costing businesses millions of dollars in revenue, and resulting in job losses and ongoing problems for consumers who have had their data compromised.
Unfortunately, statistics show the majority of cyberattacks are impacting the financial and retail sectors.
In 2014, there were 277 direct attacks with confirmed data losses in the financial industry and 164 in the retail market.
What Can You Do?
Cyberattacks are an unfortunate reality in today’s digital world. We may not be able to stop hackers from designing destructive malware and viruses, but there are important steps you can take as a security integrator to safeguard your customers’ information and assets.
1. Stay Informed
Be aware of existing threats and stay informed by taking advantage of email alert systems, like U.S Computer Emergency Readiness Team (US-CERT) alerts, which provide timely information on security vulnerabilities.
March Networks, too, has taken a proactive approach to dealing with potential video surveillance vulnerabilities by regularly posting information to our website. Our new Security Advisories and Updates webpage lists information about vulnerabilities that impact common third-party software resources used throughout the industry, including those used in our products. Whenever US-CERT reports on security vulnerabilities, we take immediate action to investigate any impact on our products. If appropriate and required, we prepare software/firmware updates, and notify our certified partners about these updates.
This information is regularly posted to our Security Advisories webpage. The page also lists past advisories, their severity levels and which of our software releases resolves each issue. There’s also an option to sign-up for email alerts.
We publish advisories proactively, including when there is no impact to our products.
2. Create a Communications Plan
Create a communications strategy to keep your customers informed about security updates. Send out regular emails or notifications, and encourage them to stay informed. Your customers can also sign up for our Security Advisories alerts.
If you are a March Networks certified partner, you can also sign up for our regular partner communications, which include details on our software/firmware updates. Certified partners can sign up for these communications by visiting our Partner Portal.
3. Ensure Software is Up to Date
While March Networks provides as much backwards compatibility as possible in all of our products, there are times when new software releases or service packs should be applied.
Work with your customers to make sure their systems are up to date. Take advantage of the enterprise management tools that we offer, including the ability to apply software updates to multiple recorders simultaneously through your Enterprise Service Manager (ESM). You can also use ESM to update recorders prior to installing them in the field.
Unfortunately, cybersecurity will likely remain an ongoing issue in our industry, especially as more businesses move toward fully networked solutions. But with just a few simple steps, you can be better prepared to address security issues as they arise, and safeguard your customers’ assets. By taking a proactive approach to this issue, you’ll build confidence with your customers, and help them stay more informed.