Unbeknown at the time, last holiday season’s credit card security breach involving tens of millions of Target customers began with a malware-laced e-mail phishing attack sent to employees at Fazio Mechanical Services, Inc., an HVAC firm that was contracted for electronic billing, contract submission, and project management with the nationwide retailer.
The Wall Street Journal reported that financial institutions in the case of the Target breach have spent more than $200 million to ease consumer concern while spending $172 million alone just to replace cards that have been compromised. Post breach costs to rectify resulting, adverse issues associated with it have been termed, ‘staggering.’
The Ponemon Institute reports on average, data breaches and subsequent fines and litigation costs U.S. business $534 million every year, the highest in the world. The direct monetary costs combined with the dramatic expenses of violated consumer relations and potential non-compliance with payment card industry security standards can cripple an organization of any size.
As a follow-up to the holiday shopping Target attack, Forbes recently published an article posing three critical questions for information technology (IT) security organizations: “Did Fazio Mechanical really need electronic connectivity to Target’s networks?; Did Target investigate and test Fazio’s security before connecting them to the network (and vice versa)?; How did an attacker get from the part of Target’s network that Fazio was connected to over to Target’s payment network (and not get noticed!)?” All questions combined net the most pertinent question of all: “HOW do you prevent a security breach?”
Fazio Mechanical’s strategy to avoid malicious, Target-like cyber-attacks was to use a free version of Malwarebytes Anti-Malware (MBAM), which is designed for identifying and removing threats in individual user environments but not intended for those operating in corporate environments as explicitly stated in the software license.
Ecrypt Technologies, a publicly traded emerging provider of data security solutions, is focused on solutions to address information security challenges of the 21st Century. The company enables organizations of all sizes to communicate and collaborate in Target-like environments without the risk of liability, reputation damage, competitive threat, security breach, or other adverse outcomes.
The company’s primary solution is an integrated e-mail and encryption server that can be quickly deployed to fortify the security of corporate communication, including attachments and mobile devices, against data breaches while eliminating phishing threats, malware infections, and spam.
From security consulting to full implementation, Ecrypt specializes in five market sectors: healthcare, government and military, law enforcement, legal services, and financial services. In these sectors, Ecrypt removes human vulnerabilities to optimize enterprise security; fortifies against data leaks, device theft and e-mail-originated threats; provides granular role-based access controls for system administrators; and secures communications with third parties, like vendors and clients.
Security breaches such as the one experienced by Target represent one of many cyber-attacks directed at global organizations every single day. The FBI in January 2014 issued a warning that intrusions into point-of-sale (POS) systems are on the rise, despite heightened action by law enforcement and security firms to mitigate the attacks.
By using Ecrypt’s paradigm-shifting technology, companies alleviate the need for separate encryption servers with their associated bloated administration and multiple points of weakness, demonstrating that the success of cyber-attacks doesn’t necessarily have to rise in proportion to increasing numbers of actual attacks. With adequate security solutions in place, an organization has the power to successfully defend itself from attacks even on a daily basis.
For more information visit www.ecryptinc.com
Let us hear your thoughts: Ecrypt Technologies, Inc. Message Board