Hacking, Security Breaches Detailed at PRINT 17 In-plant Breakfast

For many in-plant managers attending PRINT 17, Monday morning began with breakfast and a sobering statistic: the average cost of a data breach in 2017 was $7.35 million.

In-plant managers listened with rapt attention.

In the session "Production Printing in Today's Security-Sensitive World," Senior Advisor Aaron Hale, Canon Solutions America, and Carlos Fernandes, CEO of Agile Cybersecurity Solutions, looked at the current landscape of global cybersecurity and the vulnerabilities that exist within many companies, that go undetected. The breakfast was sponsored by Canon Solutions America and hosted by IPG. (This session will be reprised in a free webinar on Oct. 11 at 2 p.m. ET. Details here.)

Moderator Paul T. Murphy, Canon Solutions America, opened the session by outlining the seven different levels of hacking, ranging from minimal hacking done for fun or with an activist agenda in mind, all the way to malicious organized crime groups and whole nations who hack to gather intelligence or to earn money.

Laura Lockett (Sacramento State) and Liz Bowden (University of Illinois) listen closely during the session.

Hale launched into the statistics showing the amount of financial damages as a result of hacking, as well as a detailed look at the state of security in 2006 versus 2017. At the early stages in 2006, the threats happened sporadically and were more perimeter focused, were externally focused and consisted of more static threats, such as viruses, worms and trojans. Now, we are facing a crisis of frequent, data-centric insider threats that are dynamic and polymorphic.

Fernandes explained that hackers exploit company vulnerabilities and every company needs to be prepared and talk about cyber security, because if you're not prepared the results could be catastrophic.

“It's kind of like building your house on sand,” he said. “If you don't have a good, strong foundation, a wind will come and knock it down.”

In order to combat the threats of hackers and build a strong foundation of cybersecurity, in-plants, and printers in general, should follow a set of three guidelines.

First, build a collaborative risk management strategy complete with training and education of staff and a disaster and recovery plan. Fernandes said that close to 80% of all hacks come from an internal threat: either an employee inadvertently introduces the malware or virus into the computer system or it is introduced intentionally by an internal force.

Second, adequate device security precautions need to be implemented.

“Many times hacks could have been prevented, but companies aren't taking the proper precautions,” Fernandes said.

Third, job submission and workflow needs to be adjusted to prevent a security threat. Hale urged attendees to “just say 'no'” to USB drives from customers. If it's absolutely necessary to take a USB for a job, always make sure to test the drive on a offline network first, so as to not put the entire network at risk.

The risks of not preparing for hackers is enormous, as are the benefits of taking the time to be prepared. The benefits include value-add to the greater organization, brand integrity, the opportunity to bring in new customers, sustained uptime in the event of a disaster, customer retention, and of course, avoiding the cost of recovering from an attack.

Fernandes concluded that because the world is now an interconnected global community, companies are “only as strong as our weakest link,” and that printers need to work to be part of the solution.

“We need to understand how serious this is and most people have no idea how serious it is,” he said.

This session was so popular that IPG will be presenting it again as a webinar on Oct. 11 at 2 p.m. ET. Details here.