In my 30+ years of performing risk, vulnerability and threat assessments, I have always advised my clients to be really careful with whom they hire to for “maintenance and cleaning crews”. This news about the Target data breach validates my advice.
According to news reports, the hackers that pulled off one of the largest and most expensive data breaches ever, did so by stealing/hacking credentials from Target’s HVAC subcontractor. Once the hackers had the HVAC subcontractor credentials, they had access to Target’s network and were able to place their sophisticated malware…and you know the rest of the story.
This ‘Connecting the Dots’ wake-up call is for retail, financial, healthcare, government, education and others who work with personal, credit card, medical and financial data.
Is your organization connecting all the right dots? Does your organization have the right tools for all the right departments – Risk, IT, Facilities, Security, Compliance, Privacy, Threat Assessment and others –to connect all the right dots?