“It’s the Most Vulnerable Time of the Year”
by Earl Knight
According to an article posted by Security Magazine last week, 2 out of 3 people are concerned about data breaches during the current holiday season however, 73% of those people who avoided online shopping in the past feel more comfortable online shopping since the beginning of the Covid-19 Pandemic.
Last year I remember reading an article published by helpnetsecurity when it was shared to me by civilian industry peer as well as a fellow National Guardsman during Drill weekend for the Florida Air National Guard.
It was an excellent read on how security teams need to set the example to protect our house but, utilize this important time to prove the value of our service. It’s pretty crazy how much things have changed since that article was published. So, I managed to brainstorm a few ideas in relation to this year’s “Most Vulnerable Time of the Year”.
Let’s face it! We are typically more distracted during the holiday season. I remember as a child going last-minute shopping with my mom and younger siblings the day before Christmas and how she accidently ran over my little brother’s foot while trying to juggle that last-minute shopping, family event preparation and three young children that were excited about Santa Claus coming. I cannot recall many December 23rds, where she didn’t get a call or text reminding her the anniversary of her running over little Matthew’s foot. (Sorry Mom!) We are in the middle of a global Pandemic and we just had an election. We are distracted!
• More people are working remotely and many companies had to get vpn access stood up on the fly!
• Companies are creating Pandemic exemptions, shortcuts or “waivers” in relation to Change Management, Incident Management or Patching.
• This is vacation time and those vacations aren’t always coordinated well which leaves nobody watching the gate.
• “Wear a Mask, Stay at Home” is what we have been hearing since April. Thus, Staying at home is preferred and more people are shopping online!
Adversaries know all of this and they will use to exploit consumers and companies. It’s hard to believe that it’s been 7 Years since the Target breach which cost that company over 18.5 million dollars in settlement cash.
So, let’s Focus, take the extra time to be vigilant. Like TSgt Molloy said in USAF Basic Military Training -“Take your time and do it the right way the first time and you won’t have to do it all over” – or get breached…