cybersecurity
Subscribe to cybersecurity's Posts

Preparing for Evolving Cybersecurity Threats

The recent ransomware attack against the Duvel Moortgat Brewery demonstrated the very real risk that cybersecurity incidents pose to the alcohol industry, reportedly halting operations for several days at four of Duvel Moortgat’s facilities in Europe and the United States. This attack comes after other major alcohol producers experienced disruptive ransomware attacks in the last several years. Incidents like these can be devastating for a company’s business and reputation, and hackers’ strategies are constantly evolving to maximize their damage. But companies can be prepared with an information security program designed to prevent successful attacks and quickly respond if one occurs. Experienced partners such as McDermott are critical resources throughout this process, enabling companies to better update and fortify their security programs.

THE GROWING THREAT OF ATTACK

Hackers have extorted companies through ransomware attacks for decades, but hacker strategies have evolved to increase the risks to companies, often resulting in a larger ransom for the hacker. A “ransomware” attack traditionally refers to a strategy in which a hacker gains access to a victim’s computer system, encrypts the information on those systems and demands a ransom payment to unlock that information. Victims may try to avoid paying the ransom by restoring most of their systems from backups, but hackers have recently introduced additional strategies that can complicate that recovery. Today, hackers often try to steal the victim’s information before encrypting it on the victim’s system, so that they can sell or publish the information if the victim refuses to pay the ransom. Hackers also may try to “corrupt” backups so that the victim cannot effectively restore its system without the hacker’s assistance. One ransomware group, AlphV, says that it also reports its publicly traded victims to the US Securities and Exchange Commission if they don’t pay the ransom.

Determining whether to pay a ransom is a complicated decision, with either choice presenting notable risks. The ransom will likely be expensive and must be paid without any guarantee that the hacker will make good on its promises. The decryption software or key may not work, or the hacker may not delete information. One hacking group, LockBit, is believed to save victims’ information after their ransoms are paid despite promising to delete it. The hacker may be willing to negotiate a lower payment amount, but doing so takes valuable time while the victim’s systems likely remain nonfunctional. The hacker may be under sanctions, in which case paying the ransom would be illegal and could result in a fine for the victim. Paying the ransom rewards the hacker, which may increase the risk that the hacker targets the victim again. There is rarely a clear path back to safety after a successful breach, so it is important that the victim make an efficient, informed decision.

OPPORTUNITIES FOR PREPARATION AND PREVENTION

Companies can minimize these risks by maintaining a security program designed to prevent incidents from occurring and to effectively respond if they do occur. The security program should utilize administrative, technical and physical security policies [...]

Continue Reading




read more

Key Takeaways | Trends in Customer Data Acquisition and Use for Alcohol Companies

In a recent webinar, Alva Mather, Scott Ferber, Amy Pimentel and David Saunders reviewed how alcohol companies should be thinking about and maximizing their data. They shared innovative marketing strategies and addressed privacy and cybersecurity considerations from an alcohol commercial side.

Some of the significant topics discussed included:

  1. Keeping Ahead of Supply Chain Cyber Threats
  2. Using Collected Data
  3. Leveraging Personal Data for Marketing
  4. Transparency

Access the webinar and key takeaways.




read more

Data Breach: How to Prepare for What Experts Have Deemed Is Inevitable

Data security experts often say there are two types of businesses: those that have been hacked and those who will be hacked. Many small business owners believe they are too small to attract a hacker or fall victim to a breach, but this is not true. Given the costs and broad reach of data breaches, small businesses must take a proactive role in preparing themselves for a breach and mitigating its effects. A small business can take practical steps to better protect itself and its brand from the effects of a data breach.

Read the full article.

Originally published in Artisan Spirit: Summer 2019.




read more

Data Security for Craft Brewers

Over the past few years, news headlines have been filled with reports of large data security breaches impacting major brand names and affecting millions of people. It seems like with each new day comes a new breach. The reports are alarming for businesses and consumers alike.

No industry is immune from the soaring increase in data security breaches—not even craft brewing. Many small businesses owners erroneously believe they are too small to attract a hacker or fall victim to a breach. Scotty’s Brewhouse, the Indiana-based brewery and restaurant chain, experienced a data breach in January 2017 when an employee emailed 4,000 employee W-2 tax forms to an unknown scammer posing as the brewery’s CEO. Continue Reading.

Originally published in the January/February 2018 issue of The New Brewer. 




read more

BLOG EDITOR

STAY CONNECTED

TOPICS

ARCHIVES