Hotels, casinos and resorts are increasingly targeted by cyber criminals using a variety of means to access private data. Recent communications from the FBI indicate Point of Sale (POS) malware is still a significant threat and cyber criminals are using this attack method to infect networks, extract data, and quickly sell the data on cyber criminal markets. Protecting your environment from threats is more than just meeting compliance requirements, such as the Nevada Gaming Commissions Information Technology MICS - it involves layers of security designed to protect the environment, detect security incidents, and give you the information needed to quickly eradicate problems when they do occur. The cost of a potential breach is steadily increasing, the Ponemon Institute's 2015 Cost of data Breach study reports the average cost of a data breach in the United States now costs $217 per record and criminal or malicious attacks are the number one cause of data breaches globally.
Every environment is unique and uses a different mix of people, process, and technology for these layers of security - but a few universal tips include:
- Change all default passwords on POS devices and the POS server
- Block all POS devices from communicating directly to the internet
- Use anomaly detection solutions to detect possible infections
- Isolate the POS network to reduce exposure to threats
- Regularly test security measures to validate their effectiveness
If you have questions or need assistance, please feel free to contact your RubinBrown advisor or any of our Cyber Security Risk Services professionals.
Any federal tax advice contained in this communication (including any attachments): (i) is intended for your use only; (ii) is based on the accuracy and completeness of the facts you have provided us; and (iii) may not be relied upon to avoid penalties. Gaming Services Overview