"During that time we notified all of our customers of the potential vulnerabilities and the software mitigation now available from us, with the goal of initiating this software update and making sure they had all critical data behind appropriate firewalls and had replaced the default password. This was all basic network security best practices," he said. "The FCC and FEMA both released advisories in early spring to change passwords, use firewalls and make sure you installed the updated software from us."
Czarnecki is passionate about continuing the security conversation. He sees a market sector almost void of IT policies for software, access and control of networks.
"We would recommend that a community of interest around cyber security and the media industry be built. One successful outcome from all of this has been an open dialogue between the agencies and the broadcast industry and closer scrutiny on getting the industry to mandate stricter security policies," he continued. "If you can install basic firewalls on your home computers there is no reason you can’t do them same for these critical EAS systems in your facilities. You don’t have to be an IT expert. The question for the FCC is whether or not good security practices among broadcasters shall be a regulatory issue and fall under their purview.
"There is a growing public/private partnership discussion at play here as well regarding the issue of security in this niche industry sector. A huge challenge is dealing with the nature of disclosure and how it is perceived by the general public. The sensationalism of a disclosure could certainly be seen as damaging to the very nature of the EAS function and the trust the public has with broadcasters charged with delivery of the message."