Cybersecurity Awareness: What Businesses and Consumers Should Do to Protect Themselves

deprived of their customers. It is the responsibility of organizations to ensure they have cybersecurity in place to protect themselves and their customers' information. It’s also “the job of each of us to protect our own data” as informed consumers. Assigning blame or responsibility to one party over another is not that simple. There are many factors to consider and study before you can say that one party is fully responsible over another for any hacking of its systems. It may very well be that hackers are simply smarter than businesses and have more sophisticated systems than the security systems organizations have in place. Unless there is gross negligence on the part of the organization in failing to maintain security systems, failing to have the minimum required cybersecurity systems in place, or having inadequate controls in place for its employees, we must understand that the company and the consumer share the responsibility for protection, which means that we all share the responsibility.

If an organization can demonstrate that it has taken all available precautions to ensure that it has removed potential cyber threats and vulnerabilities in order to “protect its customers’ data” from an attack (Snider, 27 December 2013), the organization is not 100% responsible for the hack. “The threat of these attacks has increased to such a degree that many cybersecurity professionals admit that it is almost impossible to prevent them 100%” (Navetta, May 23, 2011). Just as an organization must have protection, so must consumers. There are many companies, such as LifeLock, that safeguard an individual's personal information against an identity theft attack. Consumers should deal with a credit card company that monitors fraudulent activity.
Additionally, they should monitor their credit reports annually to ensure there is no fraudulent activity. If a consumer is not willing to contribute to their protection, they must operate on a cash basis only. Additionally, if consumers want organizations to be 100% accountable, they need to understand that there are costs involved. Businesses would have to spend more on these titles and would ultimately pass that cost on to their customers. Consumers who wish to use credit or debit cards should ensure, when shopping online, that the websites they use are secure and use encryption technology. This will help protect their private data. For businesses, the law “requires organizations to use security controls to protect customers’ private appointments.” Therefore, if an organization has adequate protection, or better protection, and the consumer has taken precautions to protect their private data, each party must be confident that the protection is sufficient. However, we must understand that being on the web means being vulnerable. There are systems in place that can track every keystroke used, every phone call made from a cell phone, every text message sent and received, and so much more. The technological world we live in carries many risks. It is almost impossible to live in today's society without being confronted with this risk. Therefore, businesses and consumers must understand the risks, do everything possible to mitigate them, and share protection and responsibility for those risks.

Neiman Marcus Hack

In February 2014, the Neiman Marcus Group's credit card payment system was hacked. The hackers “triggered alerts on the company's security systems approximately 60,000 times as they wormed their way through the network” (Elgin, February 24, 2014). Hackers had access to Neiman Marcus computers for more than eight months.
The intrusion set off “hundreds of alerts per day because their card theft software was automatically deleted from the Dallas-based retailer's payment records every day and had to be constantly reloaded” (Elgin, February 24, 2014). The hackers were so smart that they gave their hacking software a name similar to Neiman Marcus' payment software. That's why it went unnoticed during routine reviews by the Neiman Marcus security team. An investigation found that “Neiman Marcus followed standards intended to protect transaction data when the attack occurred” (Elgin, February 24, 2014). It is estimated that fewer than 350,000 customers' credit card information was compromised and that “about 9,200 of them have been used fraudulently since the attack” (Elgin, February 24, 2014). Although they met the required standards of protection, there was negligence on the part of the Neiman Marcus security team. The hackers remained in their system for more than eight months undetected, even though hundreds of alerts were triggered daily. Security professionals should have asked why these alerts were occurring and noticed new software, even if the name was similar to theirs, sooner than the eight months it took. In this case, Neiman Marcus should be held responsible for any losses suffered by its customers.

Michaels Hacking

Between May 8, 2013 and January 27, 2014, various Michaels stores were hacked and the data of 2.6 million customers was exposed during this attack. Credit and debit card numbers and expiration dates of these cards were allegedly compromised. The attack “invaded its point-of-sale system” (Harris, April 18, 2014). This attack was similar to the attacks on Target and Neiman Marcus and was “allegedly carried out by a gang of criminals in Eastern Europe” (Harris, April 18, 2014). Michaels was able to identify the exact locations of the stores attacked and what time it happened. Currently, only a limited number of cards have been used fraudulently.
There was also a hack at one of Michaels' subsidiaries, Aaron Brothers. The breach at Aaron Brothers affected approximately 400,000 customers and was also a point-of-sale attack. Michaels reported that the hackers used very sophisticated malware that went undetected for months. This malware siphoned data from customers' credit and debit cards when they were swiped at cash registers. Unfortunately, this wasn't Michaels' first attack. Their first hack took place in 2011 and was identical to the type of attack that occurred in 2013-2014. Michaels was negligent during the 2013-2014 hack because after the 2011 hack, they did nothing to provide additional protection for their systems. The fact that they were exposed once and did nothing more to protect their systems or clients leaves them with 100% of the responsibility for the second violation.

Dairy Queen Hacking

In October 2014, Dairy Queen announced that it had discovered point-of-sale malware. “The hackers used ‘backoff’ malware to track and record transactions in the recording machines” (Stone, October 10, 2014). This breach affected 395 of the more than 4,500 Dairy Queen locations in the United States. Customer names, credit and debit card numbers, and expiration dates were compromised. The malware has been detected in 46 states with Dairy Queen restaurants. This type of malicious point-of-sale malware is also how hackers were able to hack Neiman Marcus, Michaels, Home Depot, and Target. The U.S. Department of Homeland Security and the U.S. Secret Service released a security report warning that “backoff” was capable of “scraping memory to track data, record keystrokes, command and control communications and inject a malicious stub into explorer.exe” (Stone, October 10, 2014).
Officials believe this type of hacking has become popular with hackers because antivirus software currently in place at many retailers cannot detect this specific malware and because a point-of-sale attack can provide hackers with tens of thousands of consumers' data. Many Dairy Queen stores are franchises. There are no standard data breach protocols required between Dairy Queen's corporate headquarters and its franchisees. As Adam Levin of Credit.com and Identity Theft 911 said, “It is quite concerning that a large national franchisor does not require, among its myriad rules of conduct and franchisee practices, that franchisees follow standard data breach protocols to protect customers, franchisees and the goodwill of the mothership” (Sullivan, August 27, 2014). Given that there were no standards to protect customers, Dairy Queen was negligent and should be liable for losses suffered by customers.

Following the attacks, Neiman Marcus President and CEO Karen Katz said in a statement: “We have taken steps to notify affected customers for whom we have contact information. Our goal is to protect your personal and financial information. We want you to always feel confident shopping at Neiman Marcus, and your trust in us is our top priority” (Albanesius, January 17, 2014). Neiman Marcus contained the intrusion, removed the malware and took steps to further secure its information systems. In addition to apologizing for the attack, they stated that “the security of our customers' information is always a priority and we sincerely regret any inconvenience” (Mohney, January 11, 2014). After the attack, Neiman Marcus has spent “so far $4.1 million on legal fees, investigations, customer communications and credit monitoring subscriptions” (Murphy, March 25, 2014). Each customer was offered one year of free credit monitoring. They are currently working with the Secret Service to bring criminals to justice.
While Neiman Marcus has taken all of these steps, Katz urges customers to be vigilant for any suspicious activity they may notice on their credit card statements or reports. Neiman Marcus is taking steps to further secure its systems, offering credit monitoring to its customers and apologizing for the compromise, demonstrating that it acknowledged the lack of.