Retailers under siege from thieves
While the recent data breach suffered by Target in which nearly 40 million debit and credit card numbers were compromised has garnered a lot of attention, statistics also show that retailers aren’t fairing much better when it comes to losses from their physical stores. According to the 25th Annual Retail Theft Survey released by Jack L. Hayes International in June, outside shoplifting and internal employee theft numbers rose in 2012. The survey, which featured 23 of the country’s largest retail companies, found that shoplifting apprehensions increased 7.4 percent and the recovery dollars from shoplifters increased an amazing 22.7 percent. Dishonest employee apprehensions and recovery dollars also increased in 2012 - 5.5 percent and 7 percent respectively. The 2012-2013 Global Retail Theft Barometer, which was published just last month, found that losses from shrink, which include shoplifting, employee fraud, organized retail crime (ORC), and administrative errors, cost retailers more than $112 billion last year, representing 1.4 percent of retail sales on average.
Washington Navy Yard shooting
Twelve people were killed and three others were injured in September when Navy reservist Aaron Alexis walked into the Washington Navy Yard an opened fire with a shotgun. The deadly shooting has raised numerous questions about the background screening process for government contractors who have authorized access to secure facilities as Alexis did at the Navy Yard. Alexis had a well-documented history of mental health issues and criminal conduct. A sister of one of the victims recently filed a lawsuit against the Navy, the Department of Veterans Affairs and two defense contractors seeking $37.5 million in damages.
Obamacare’s impact on security
Although the full effects of the Affordable Care Act have yet to be fully realized as it pertains to security, there are a myriad of concerns within both the cyber and healthcare security community about the devastating impact the legislation could have on their constituents. Cybersecurity experts started sounding the alarm bells when the new online health insurance marketplace, HealthCare.gov, first went online in October. While the website was maligned for its well-publicized glitches, many IT security experts expressed concerns about how hackers might exploit the situation by launching spear-phishing campaigns.
“Now you’re looking at those health exchanges that allow the bad guys to go for a highly-targeted spear phishing attack that you could essentially automate if you’re looking at large-scale organization,” said Stu Sjouwerman, founder and CEO of IT security awareness training firm KnowBe4. “With their own data mining tools, they can now create a profile of an employee at let’s say, for example, Home Depot. You do a little bit of research on what health insurer Home Depot has, now you can create a highly-targeted spear phishing attack to a few key, often C-level employees, but not necessarily always. You can get in through the mail room as well.”
Industry experts say that provisions within the law will impact physical security at hospitals as well. According to Ben Scaglione, director of healthcare security services for G4S and a member at large on the board of the International Association for Healthcare Security and Safety (IAHSS), hospitals are being forced to make tough spending decisions regarding support services which include security.
“What healthcare is starting to see right now is a loss in Medicare and Medicaid funding. What Obamacare has setup is that hospitals get a basic set of reimbursement or a basic number of dollars and then to get more of those dollars, it is based on (the hospital’s) clinical data and patient satisfaction data. They have to meet certain national guidelines that are going to be changing over the next couple of years in order to get that higher level of reimbursement,” Scaglione explained.
AT&T continues aggressive market roll out