Keeping Who-ville Cyber Secure This Holiday Season

"They're finding out now that no Christmas is coming! They're just waking up, I know just what they'll do. Their mouth will hang open a minute or two, then the Whos down in Who-ville will all cry, 'Boo Hoo.'"

- Dr. Seuss, How the Grinch Stole Christmas


If we were to relate the Grinch to cyber security terms, we'd call him a quintessential threat actor. His sole focus is finding a way to stop Christmas from coming, no matter the cost. Like a threat actor, Mr. Grinch checks the perimeter of Who-ville looking for vulnerabilities and gaps that can be manipulated so he can destroy the Whos' sense of safety and security.


Today's threat actor operates in much the same way as the Grinch, working overtime to identify vulnerabilities to stage an attack. Instead of stealing packages and Christmas dinner, threat actors exploit customer data, leaving your business and customers at risk.


Protect your business from threat actors - the tall and the small - this holiday season with Optiv's top five tips.


  1. Have a plan. Identify security gaps by shining a light on them to increase visibility. Proactive incident management planning enables businesses to develop and evaluate the efficacy of their programs. Enterprises need to develop an incident response plan so the entire team understands when an event turns into an incident, what types of incidents they are likely to face from threat actors and, more importantly, who the experts are for response efforts.
  2. Audit point-of-sale (POS) now. The explosive growth of POS types and related applications creates more endpoints on-premises and in the cloud, resulting in a far larger attack surface. Enterprises must implement greater security within the software development lifecycle to protect credit cards, Personally Identifiable Information (PII) and secure endpoints. Without security from inception, the risk of vulnerabilities within the POS or applications increases significantly.
  3. Remind others that holiday season is hacker season. The holiday season is the most active time of year for malicious cyber activity. According to Forbes, "The four main ways in which social engineering occurs is by phishing, in which the hacker uses email to trick someone into giving them access to some kind of account or login or financial information; vishing, which is the same but through voice, such as a phone call; impersonation, which is done in person, on site; and smishing, which occurs through text message." Enterprises need an incident management program in place so everyone involved knows what to do before, during and after an incident. Awareness of these activities breeds vigilance during this time of year.
  4. Beware of lurking ransomware attacks. Ransomware attacks scale up during the holiday season. E-commerce sites and many other endpoints offer attackers an array of entry points. Having an e-commerce site taken down by ransomware would be especially painful for a retailer during the holidays. To keep these endpoints secure, enterprises should boost security vigilance with iterative, differential attack and penetration testing.
  5. Use secure payment options when possible. A unique, holistic Secure Payment approach will help secure the entire payment process throughout the cardholder data environment (CDE), fortifying security related to endpoints, applications and networks. Tighter integration of security, with a laser focus on data protection, enables merchants to advance their security maturity while giving customers peace of mind that their data is protected.


Hackers don't take a holiday when you do. Avoid a Grinch-style attack this season by implementing the above tips. Wishing you a cyber safe holiday season!

Jeff Wichman
Managing Security Consultant, Enterprise Incident Management
Jeff Wichman is a managing security consultant in Optiv’s enterprise incident management practice. Jeff’s role is to provide leadership to the enterprise incident management security consultants, technical expertise in digital forensics and incident response programs and processes, and mentoring for the Optiv enterprise incident management team.