Preparing for the Next Cyber Attack
By David Dorf-Oracle on Aug 04, 2014
Cyber attacks are occurring more frequently, and retailers are certainly a top target. The ARTS Board (which includes yours truly) recently had a sit-down with Kim Peretti (pictured), Partner, White Collar Crime Group Alston & Bird LLP. Ms. Peretti gained fame when she successfully prosecuted Albert Gonzalez for his TJX heist of credit card data. Her insights into thwarting and prosecuting cybercrime are known word-wide.
I have to say I walked away thinking cybercrime was unstoppable. What concerned me most was that many of the criminals have been identified but remain protected by other uncooperative countries. One bright spot is that the NRF has established an IT Security Council and is actively working on an Information Sharing and Analysis Center (ISAC) dedicated to the retail industry. The hope is that by sharing details of attacks, retailers can better protect themselves.
Must focus has been given to implementing best practices to prevent attacks, which is still extremely important. But I walked away from the meeting thinking that over time its impossible to be 100% secure, so the second step is preparing for the worst. Retailers must have a response plan that includes at least the following:
- Contact numbers for a small response team. When a threat is detected, you'll want the right people on a conference call to quickly determine next steps. This should include representatives from Legal, Public Relations, and of course IT.
- Contact numbers for the FBI and Secret Service. You may also want to have a cyber forensics specialist in mind as well. You can't afford to waste time before asking for help.
- Contact numbers for key vendors that might be able to assist. This might include e-commerce, POS, and credit card processing vendors. Have these relationships established before you need them.
- A general plan to isolate systems and stop the breach. An over-reaction can also be costly, so make sure there are lots of options available, with far ranging effects.
- The outline for a marketing plan to address the public's concerns. Are you prepared to notify affected customers? How can you quickly re-establish trust?
When I was with Circuit City, I was part of a quick response team that handle a major virus outbreak. The key is being prepared and having the right people available to make and execute on decisions. Its probably worth simulating an attack just to test the response plan. Watch Ms. Peretti's 2013 presentation for more information on cybercrime.