As a CIO, proceeding with caution is the name of the game. You have the power to integrate new technology into your company, but planning ahead for potential security threats is critical.
Think of your driveway on a frigid winter morning. If you didn’t put down ice melt, you could be in for a slip-and-fall on your way to the mailbox. Target is one company that failed to prep a worst-case scenario, and any CIO can learn a lesson from its recent accident.
A security breach hits Target
If you used your credit or debit card at Target recently, you might be watching your financial statements carefully. The company announced a security breach in the midst of the holiday shopping season, and not everyone is has fully recovered from the shock.
More specifically, some people have endured financial damages as a result of shopping at the retail giant and placing their personal information in the wrong hands. Now, CIOs are monitoring the situation carefully to make sure they don’t make the same mistake with their technology.
Target CIO Beth Jacob has tried to maintain transparency with customers in an attempt to rebuild trust. However, there are a few obvious questions that have yet to be answered since the debacle.
First, it appears that payment card industry compliance was in place when the breach occurred, so why was it so easy to break down the barriers? Next, it seems that there was an insider threat, according to Forbes magazine. Could Jacob have really done more to prevent the attack from happening?
Avoiding Target’s mistakes
No one wants his or her company to become the next Target in the news. That being said, it’s up to CIOs to take a few extra steps to ensure that their networks are as secure as possible.
Just because you aren’t using point-of-sale terminals at your company doesn’t mean that you aren’t vulnerable. One easy way to make sure that you’re ready for the unexpected is to pretend it’s happening. Re-enact an emergency situation to see if your current strategy works in a worst-case scenario.
Another tactic you can use to ensure that your company and technology are always secure is to train your coworkers accordingly. This means verifying that all employees are up to speed on how to keep networks secure.
Compared to other industries, cyber attacks on financial services, energy, utility and defense organizations resulted in the highest costs in 2012, according to the Ponemon Institute. The average cost to resolve a cyber attack was approximately $1 million.