hackers dislike it more. The stronger the password, the better the pro- tection. Many companies may also require password changes as often 12 character limitations. Close accounts as soon as people leave your routine employee termination process.
Education and Awareness This may be your biggest protection against the bad guys. When peo- ple think of attacks they think of brute attacks from hacking groups or countries. The most vulnerable areas of our cyber world come from within. The most successful access into any network isn’t through a browser hack, it’s from tricking users to click on links or open mali- cious content. Educate your entire company to be aware of everything they open or click on. If you don’t know the sender, it’s likely to be spam or a virus. Even if you know the sender and the email is out of the ordinary, it’s possible that their computer has been compromised. Contact the - to access your information are getting sneakier. When in doubt, these are best deleted immediately or sent to your IT department for review.
The Target Hack The hackers responsible for the 2013 Target data breach which ex- posed payment information of 40 million customers (later revised to private data of 70 million customers) gained access by obtaining cre- had been previously hacked with malware that was delivered by email. It was through this third-party system’s access that the hackers were eventually able to get access to the personal cash register data of Tar- get customers. Verizon investigators learned that Target had “no controls limiting access to any of their systems, including devices within stores such as - million credit card transactions per year) undergo a yearly PCI audit had implemented the basic security required by the credit card pro- cessing industry, and the hack still occurred. believe to be in place, and actual security which requires constant ver- - mine if they are employing the proper procedures and protections. If not, access should be restricted.
Point of Sale Systems (we all have them) The vulnerability of Point of Sale (POS) systems is on the upswing with over 500 attacks this year. We all employ Point of Sale systems - ers have taken notice. More recently facilities have started to experi- ence these kinds of intrusions and there is more to come.
Phishing Half of people click anything sent to them. Phishing is the practice of sending emails purporting to be from reputable companies to in-
Photo credit CC Christiaan Colen IAVM 19
duce individuals to reveal personal information, such as passwords and practice is.
Spear-phishing Spear-phishing is the practice of sending emails as if from a known information such as passwords and credit card numbers. In a recent penetration test of a highly secure government laboratory, Phishing and Spear-phishing campaigns were successful in getting nearly 10% done in a manner that allowed the penetration team to access secure
Public assembly facility owners and operators must ask themselves, how vulnerable are we to an intrusion? What systems or equipment if compromised could interrupt an event or keep an event from occur- could paralyze our ability to run our business? The pace of these intrusions and attacks appears to be increasing exponentially. We must be prepared or face the consequences. FM
Solutions Group at
russ.simons@
venuesolutionsgroup.com.
VENUE SAFETY & SECURITY COMMITTEE 2017
Chair: John Siehl, CFE
Vice Chair: Russell Dyer Mark Camillo Kevin Dooley
Karen Hoffman, CVP Colin Holman
Alex Keen, ETCP
Kevin Kovalycsik, MBA, MPA Tristyn Meyer
Russell Read, CFE, CMP Russ Simons Carrie Stewart Denise Zigler
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52