Every year, the impact of cyberattacks on businesses of all sizes continues to mount. According to Cybersecurity Ventures research, it's estimated that damage related to cybercrime is projected to hit $6 trillion annually by 2021. Cyberattackers do not discriminate based on industry sector, which is why it's imperative that print service providers (PSPs) consider this threat as seriously as they take investing in new printing equipment. Moreover, in an industry dominated by small and medium-sized enterprises, the issue could not be more relevant, considering more than 60% of breach victims in 2017 were businesses with fewer than 1,000 employees.
The director of product management, Kodak Software Division at Eastman Kodak Co., Stephen Miller, sat down to discuss what the biggest cybersecurity challenges are and how printers can best protect their organizations.
- What’s one of the biggest challenges to combatting today’s cybersecurity threats that printers need to understand?
It's important for printers, many of whom are small- and medium-sized businesses, not to ignore the risk of an attack. We tend to think only major brands are being compromised because they get lots of media coverage, but that doesn't mean it can't happen to an unknown company. Hackers don't discriminate based on size or reputation.
Hackers have figured out that the most vulnerable part of a computer network is a human being. They've realized they no longer need to go through all the trouble of using sophisticated tools to exploit computer networks when they can just as easily rely on a human to open the doors. And the door they are walking through is, in many cases, an employee email account.
These malicious emails rely on deceiving users into opening attachments or clicking a link to an infected website. Once they have gained access to a company’s resources, they can steal information or cripple business operations.
- What impact do these cyberattacks have for printers?
The nature of these attacks can vary. For example, email phishing campaigns are typically designed to install malware, which can result in several issues for a company. It can block access to crucial components of your network and hold it for ransom until your company pays off the hacker, or it can disrupt individual parts that render your system inoperable. There’s also spyware that covertly obtains information by transmitting data from your hard drive. In every case, it’s a massive headache for the company targeted, disrupting operations while employees work to recover from the attack. How long it takes — and how costly it will be — depends on the severity of the incursion. A recent report from Chubb Insurance notes that the average price tag for a business to recover after a cyberattack is $400,000, which can be fatal for small-and-medium-sized enterprises.
Aside from the cost to your bottom line, it can damage your firm’s reputation and erode the trust of your customers. You can imagine what this might look like if your internal systems were compromised. An employee mistakenly opens a link in a familiar-looking email, which then unleashes a malicious file that locks up your servers with critical customer print files. If you’re lucky, resolving this issue could be a minor inconvenience, or it could take days or weeks to work through the damage, incurring lost time, financial resources, and dissatisfied customers.
- What practical steps can printers start taking to mitigate the risk of a cyberattack?
It’s important to understand that the cost to add additional protection to harden your network security can be far less than the cost to remediate a security incident after an attack has occurred. It really needs to be considered in the same way you look at taking out insurance for your company’s delivery vehicles, or fire protection for your company’s manufacturing facility. The only difference in enhancing your network security is that you are actively mitigating the risk of a breach.
Three steps that we would recommend taking today are:
- Isolate Business-Critical Data. It’s not enough to merely back up your data. You need to know what data is critical to your business processes and operations. Once you do that, you need to isolate that data using software that can automate the process of storing business-critical data offsite. If a hacker can’t see it, they can’t access it.
- Educate and Train Your Staff. Educating your staff is key. Ninety percent of attacks today come right through the front door via email phishing schemes. There is excellent advice online, or you can hire an outside consulting firm to help educate your organization about how to defend against this problem.
- Evaluate Options to Move Critical Data and Systems Offsite. In addition to isolating and securing your business-critical data, you can consider moving that data off your LAN to a much more secure environment, like hosting your software and data in a secure cloud environment.
- How is Kodak helping printers protect their networks from outside threats?
Computer networks, like the one you use every day to run your business, are naturally designed to share information. When a network shares information, computers are linked together to pass information from device to device. Uncorrupted, it creates the incredible business efficiencies we all take for granted today. Of course, the same interconnected network can also be used to rapidly transmit a pernicious virus intended to cripple your ability to operate the business.
At Kodak, we approach this issue from the software engineering side by what's called network segmentation. Part of that approach is to isolate data, because if a hacker can't see your files, they won't be able to access them. With PRINERGY's SaaS (software as a service) offerings, we have a PRINERGY cloud agent which is installed on the PRINERGY server and acts as an encrypted conduit to your secure cloud storage account. For a printer using PRINERGY VME with Managed Services, their files are removed from their local area network and sent over the internet to their cloud storage account, where multiple copies are made automatically, and securely stored in two different Microsoft Azure data centers.
Also, our KODAK PRINERGY Managed Services, which falls under the category of IaaS (Infrastructure as a Service), allows printers to access best-in-class security tools to help harden their network and improve operational efficiencies, redundancy, and uptime.
The services available via KODAK PRINERGY Software have the benefit of being hosted on the Microsoft Azure platform, where Microsoft invests $1 billion a year in security research, far exceeding what any business could do on its own by hiring a security specialist. In addition to the security features provided by Microsoft, Kodak works with Wipro, a leading IT security services provider to perform quarterly risk / security assessments and penetration testing for all data centers hosting PRINERGY Software.
Ultimately, security is all about layering in additional protections. With businesses needing to keep up with constantly evolving security threats, the advantage of moving to the cloud for security means you can seamlessly keep up with the latest tools and processes to keep your data and business safe.
- People:
- Stephen Miller