Is Your Company’s Brand Putting You at Risk for a Cyber Attack?

Media Division | August 29, 2016

The definitions for cyber-criminal activities just keep expanding.  The early pop culture speculations of cyber-crime involved whizzing on a motorcycle through the cyber-verse, or playing games with a disenfranchised computer (which happens to control the military’s nuclear arsenal).  We thought of hackers as hoody-wearing (white, male) adolescents stealing credit card numbers from their parents’ basement.

IRL (in real life) the stakes are higher. In recent history we have seen major corporations like J.P. Morgan, Target and Home Depot in the cross-hares of sophisticated (sometimes state-sponsored) cyber-attacks.

Why? And are certain brands at higher risk than others?  What does that mean for your company’s brand? And, how can be be solved through cyber threat intelligence?

Targeted Attacks

In a shifting landscape, certain patterns still materialize.  For example, most cyber-attacks are not-specific—just broadly aimed at anyone who opens a malicious attachment or clicks on a fake website.  Even the name for many such broad attacks, phishing, stems from the fact that you took the bait and fell victim: hook, line and sinker.

In an emerging trend, however, hackers target specifically an individual or a business.  Sometimes such an attack seems merely for “bragging rights,” such as in the social media hack of Facebook founder Mark Zuckerberg.  Other times, the hack has a specific financial or competitive goal.

Another emerging phishing trend: whaling.  Catching “the big fish” means targeting executive-level data or passwords—executives who have broad access to all corporate data. (Security alert: one more reason to compartmentalize, layer protection, and not have broad-access passwords for executives or IT professionals).

Cyber Threat Intelligence Data – Why Attack Your Brand?

So what possible motivation could hackers have to access your brand?  Your data suits important hacker motivations:

1. Data with value. Most companies retain a surprising quantity of data with a price on the cyber black market.  Of course your customer credit card numbers have value, but also your employee social security numbers, your tax-related information, your customer and vendor data, even your email lists, all fetch a price in the cyber-crime world.

2. Market upset. The real cost of a cyber-attack must also be measured in brand damage, and that may be the very price cybercriminals aim to extract.  Whether or your brand reputation as compares to your peers, or the strength of your brand in the marketplace broadly, corporate-sponsored, state-sponsored and hackers-for-hire all take to their computers for such nefarious purposes.

3. Trade secrets. Brand reputation includes the perceived value of your products, and your internal SOP’s, intellectual property, etc., have value both on the black market and to your competitors.  Corporate espionage is as old as corporations; hackers have only made the job easier (and remotely accessible!).

What Can You Do?

Given the frequency of broad-scale attacks and the specificity of targeted attacks, what can you do to mitigate risk and protect your assets?

1. Plan—as cyber-crime evolves, cyber protection must as well.  Review your cyber security protocols and bring them up-to-date.  If you don’t have a plan, make one!

2. Protect—include in your plan your protection tools, both internal, regularly updated security tools and access to relevant, evolving cyber security feeds.

3. Educate—your plan must include educating yourself and your employees about common attacks, safety measures, data storage, data access and more.  An educated IT team does not suffice, in today’s cyber security landscape.  Any computer or other device, any employee with internet access can put your company at risk of a cyber-attack.

The bigger they are, the harder they fall: the greater the value of your brand, the higher the price, the harder the thud.  Cyber criminals can cost you money, brand reputation or even your business.  If you plan, protect and educate you will be prepared and stand the best chance of escaping the hacker quagmire. Start with intelligence feeds and a solid cyber threat intelligence plan.

MEDIA DIVISION
Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.