Rise in cyberattacks means firms must develop security skills and mindset

7 Nov 2013

The recent spate of data breaches that saw 43,000 Irish people’s credit and debit card details fall into the hands of hackers are a stark warning to public and private-sector organisations to be on their guard.

A cyberattack on Ennis-based LoyaltyBuild, which operates loyalty schemes on behalf of Supervalu, Axa and Stena Line, resulted in the credit and debit card details of 43,000 customers being accessed.

The breakdown included 39,000 Supervalu customers, 4,368 Axa customers and more than 50 Stena Line customers.

It is understood that the CVV numbers on the back of cards required to complete transactions were not stored on the compromised servers.

The same spate of attacks affected 102,000 people in Norway and Sweden.

The cyberattacks reported this week is a stark warning to all organisations that they need to be better prepared to guard against sophisticated threats that can cripple information technology systems, according to RSA, the security division of EMC which employs 3,000 people in Ireland.

Firms need to upskill and develop a security mindset

Gerry Murray, EMC’s country manager, said the cyberattacks reported this week was symptomatic of new risks to our IT systems, as cyber-adversaries around the world try to disrupt organisations.

“The rate and rise of cybercriminality shows that IT systems have never been more vulnerable and organisations need to take more proactive steps to prevent cyberattacks as part of a new defence strategy,” Murphy said.

“With the rise of targeted and sophisticated adversaries, we learn more about weaknesses and we now know that intelligence-driven information security is emerging as the clear pathway for all organisations to protect their IT infrastructure.

“That means collecting reliable cybersecurity data and researching prospective cyber-adversaries to better understand risk and learn about why and how attacks occur.

“It means developing new skills in the IT team to produce and analyse intelligence and identify normal and abnormal system and end-user behaviour in the IT environment,” Murray added.

He said combating advanced threats will require a new security mindset and improved practices for gathering, sharing and acting on cybersecurity intelligence.

Cyber war image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years