Get All Access for $5/mo

Target's Security Breach Stresses the Need for Better Cyber Security Criminals are getting more clever in the theft of consumer information. Companies should take immediate steps to better protect sensitive data.

By Eric Basu Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

Target's recent credit card security breach that affected 70 million customers was a huge hit to the retailing giant at the most inopportune time. To the retailer's credit, it took this matter extremely seriously by quickly informing customers and offering 10 percent discounts to anyone who came into its stores the weekend before Christmas.

The bigger issue for the retailer is everyone coming in with their two cents on what Target should have done to prevent this breach, including two U.S. senators seeking investigations from the Consumer Financial Protection Bureau and the Federal Trade Commission. There are also potential class action lawsuit filings against the retailer in California and Rhode Island.

Yet in the ensuing and understandable media melee, one crucial point has largely been missed: the makeup of the criminals that perpetrated the act. Though not much has been disclosed, there's little doubt in my mind that this was not the work of some part-time hacker living in his mother's basement. While there are always lessons to be learned to make things better, we as security experts must openly acknowledge that cybersecurity is a war where the enemy is a formidable, organized and very sophisticated threat.

Related: Target Says Up to 70 Million Customers Affected By Hacking

Data breaches like the one Target suffered are typically conducted by organized crime syndicates or similar groups with a sizeable level of cleverness. They have a vast number of highly-skilled resources at their disposal from virtually every corner of the globe and strike with keen precision. They have a network like no other and when these criminal organizations hit, they hit hard. The Ponemon Institute's 2013 Annual Cost of Cyber Crime Study noted that the financial impact of cyber attacks is up nearly 78 percent.

Corporations, security experts and consumers need to act accordingly by taking cybercrime more seriously. It's no longer a question of if, but when an attack will occur and how best to ensure it doesn't infiltrate sensitive accounts. The first line of defense is also no longer the individual, as it once was. That's because consumers no longer "own" their data. Information is moving so fast that these folks have their account information, address, phone numbers and other sensitive data on many servers they neither see nor control.

Organizations that house this data must recognize that they bear the responsibilities of protecting the information. It's a daunting task to be sure, but one where investments in security will prevent costly loss of revenue and litigation in the same manner that Target is now struggling to deal with.

Related: Don't Get Hacked -- Tools to Fight Cyber Attacks

The key is to fight the cyber enemy with the same level of sophistication and respect that they have for their intended victims. This is a clever enemy before us, but one that can be defeated if we understand the size and scale of the threat. The advantage we as information assurance experts and corporate executives have is possessing tried and true methods to thwarting such threats, with elements that include:

Categorizing information for its value to others. Ensure a keen understanding of what kind of data may be of interest to would-be cyber criminals. Prioritize it by the need to protect it. This will serve as a foundation for developing strategic information assurance initiatives against a fixed budget.

Fully understanding the user base. Identify people and activities to develop potential threat profiles. It will help in focusing efforts to thwart attacks that occur from or are caused by improper activities from within. Training and awareness of employees is also a key aspect here. Surprisingly, many people who hold high-level security clearances will keep their passwords on a piece of paper in their notebook, or unencrypted in a document on their phone or computer.

Monitoring systems. Identify all entries and exits; be they printers, thumb drives, network boundaries, etc. Watch happenings at these key points as well as system wide. More importantly, don't just track the raw activity levels, but trends as well. Develop baseline metrics to identify abnormalities quicker and take action in a more rapid fashion.

Let's make 2014 the year we get the upper hand in this emerging cyber war.

Related: Cyber Security a Growing Issue for Small Business

Eric Basu

CEO of Sentek Global

Eric Basu is the CEO of Sentek Global, a provider of government and commercial cybersecurity and information technology solutions. 

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business News

'Let It Go': A Couple Has Spent $400K Suing Disney After Being Banned From the Park's Exclusive 33 Club. Social Media Reactions Have Not Been G-Rated.

After getting banned from the exclusive members-only club for alleged bad behavior, a California couple has spent a fortune trying to get back to paling around with Mickey.

Leadership

6 Effective Tactics for Handling a Toxic Boss

Salvaging your dignity from an abusive boss is a job all its own.

Franchise

Taco Bell's New Mountain Dew Baja Blast Gelato Is Causing a Frenzy — But Fans Have One Big Complaint

The company released the dessert to mark the 20th anniversary of the iconic Mountain Dew Baja Blast, which has garnered a cult-like following since its debut in 2004.

Side Hustle

How a History Student Turned Her Side Hustle Into a Startup That's Raised $7 Million: "People Always Tell Me, 'I Thought I Had to Major In Computer Science to Be an Entrepreneur'"

Audrey Wisch never imagined she'd be one of those kids who dropped out of college to grow her side hustle into a startup. But with the help of AI, her "human-centric" service is scaling up.

Business News

These Are the Best Cities for Starting a Business — and Surrounding Yourself With Millionaires

Here are 10 U.S. cities that stand out for entrepreneurship, according to a new report.