In March, I wrote about the attack on the infrastructure of United States of America. It wasn’t an attack on our naval bases, bridges, or water supply. It was an attack on the infrastructure of our internet, rendering websites, including Twitter and Netflix,
catatonic. It was an attack with malware, allowing hackers to target websites with high traffic which they were ill-equipped to support. While many writers labeled this attack as a simple annoyance, I argued it is was symptom of a much larger problem. An annoyance,
it was. But, it created “trickle-down economic pain” for websites which depend on advertising dollars. And, it shows just how vulnerable our systems are.
Enter GameStop. A company trying hard to revolutionize in an age where going shopping means a lazy Sunday in pajamas rather than hopping in your car to drive to the mall. A company which is shuttering stores and restructuring by opening new ones abroad.
And a company which has a target demographic likely significantly more in-tune with the technical aspects and risks associated with a hack than the average corporation.
Last week, the retailer announced a potential incident, which may have leaked customer data and credit card information to hackers. The data exposed could run the gamut: names, card numbers, expiration dates, and CVV2s. I feel like I’ve seen this movie before.
Target. Home Depot. Ashley Madison. GameStop is not unique in their problem. They’re not even unique in their confusion. But, they are a sign of what’s wrong with corporate leadership.
The time to break the cycle of these hacks and start preparing for cybercrime is now. Security upgrades are not “nice to haves.” They are a part of the core business, especially for retailers, which rely on consumer confidence. After the hack, it is too
late. And, no amount of free credit monitoring will change the fact that the hack happened. Hackers are always looking for the next great security breech, and it is incumbent on corporations to defend their domain vigorously. Better still, their security apparatus
should be tested and verified by an independent, cybersecurity firm. From the most pragmatic point of view, if your company is targeted by a successful attack, your customers will find some comfort in the fact that you spared no expense to ensure their personal
and financial privacy.
Some judge us by the things we’ve done. Most judge us by what we do next. It is time for corporations to step up and provide real leadership to prevent against cybercrime.