If your recent business trip included a Marriott hotel stay, you may be one of the 500 million guests impacted by the data breach announced early this morning – Friday, November 30, 2018.
According to recent news and reports, a majority of the customers affected by this massive cyberattack are the potential victims of exposed data that includes name, mailing address, phone number, email address, passport number, Starwood Preferred Guest (“SPG”) account information, date of birth, gender, arrival and departure information and reservation dates. For more than 150 million guests, the data breach resulted in the successful payoff to “bad actors” of millions of payment card numbers and payment card expiration dates, although reports say payment card numbers were encrypted using Advanced Encryption Standard encryption (AES-128).
In these referenced reports, hotel representatives stated that after hiring security experts to investigate, Marriott learned there had been unauthorized access to the Starwood network since 2014. Marriott has reported this incident to law enforcement and continues to support their investigation. The company has already begun notifying regulatory authorities.
What does this mean for the SMB community?
The take-away, from a business technology perspective, is the discovery of an unauthorized access that has gone undetected since 2014. Every business is at risk, no matter how small or large, and has the ability to be exposed. Whether your business is at risk of highly-sensitive data being stolen or having your entire digital footprint under ransom, your business needs to be proactive in its cyber security approach.
Today, technology exists to monitor, test, detect and block/prevent potential vulnerabilities and unauthorized entries into your digital environment. Highly advanced tools and processes are available to combat these attacks. These tools and processes require teams of highly skilled individuals to monitor and react when necessary. Also, due to the ever evolving state of cybercrime, these teams are required to have a cadence of ongoing security training and exposure to the most innovative technology available.
Your IT Team needs to have an extensive cyber security strategy to combat these constant attacks
Each of the IT services listed below can only be effective if business leaders work closely with IT consultants and IT professionals to create a cyber security strategy while maintaining your primary business functions and goals.
What are the IT services that help combat devastating Cyber Attacks? Below are examples of a standard Cyber Security strategy:
- Managed Firewall
- Security Awareness Training
- Anti-Virus, Anti-Spam
- Computer patching and vulnerability remediation
- Cloud Security
- Multi-Factor Authentication
- Email Encryption
- Website Protection
- Vulnerability Scanning
- Security Assessments
- Disaster Recovery Services (Backup and DRaaS)
- SOC services utilizing a SEIM platform
- PCI/HIPAA/GDPR Compliance Readiness
Want to learn more about Cyber Security for your business? Be a part of the discussion with the experts!
Join NexusTek on Wednesday, December 12, 2018 for a digital event:
“Cyber Security Protocol: What to Do When the Worst Happens.”
Leading the discussion will be NexusTek’s Senior Director of Solutions Engineering, Paul Barrett and Brook Chelmo, Senior Product Marketing Manager with SonicWall. Join us as we bring two experienced professionals together for a deep dive into the current environment of cybercrime and the best solutions built to combat these threats for businesses like yours. This 45-minute event will include visual concepts of what happens in your environment in the event of an attack, current threat statistics, a downloadable Cyber Attack Emergency Card to print for your staff and much more.