The uncomfortable truth is that is a matter of when, not if. Sounds like a scare-mongering statement from an insurance sales rep right? It’s true. We’ve spoken with five smaller newspapers that have faced a data breach in the past several months. That’s the ones we know of. But why?
There are several reasons smaller newspapers are at risk, as well as some magazines. The primary one is that majors like Washington Post, NY Times, Chicago Tribune, Globe and Mail, The Economist, Conde Naste…they’re all givens for targets. So they have better defences and plans for being breached.
BlackHat Hackers know this full well. They still try of course, but many are turning to small and mid-size newspapers. Why?
Often, smaller publications don’t think they’re worth being hacked and that they don’t have much for a hacker. Maybe a few thousand subscribers? That’s what hackers want and they target smaller newspapers, magazines and even non-profit organisations. It’s easier and they combined the data sets into one large one that they can either sell on the Dark Web or use for thier onw purposes. These types of hackers think in terms of quantity over many smaller targets.
Hackers want your circulation and subscriber data. Personal information. If you have credit card data on file, that’s a bonus. Beyond just being hacked, is the fall-out as a result. Litigation and risk to the board of directors.
What can a smaller newspaper or magazine do to protect themselves and prepare then? First of all, is doing a threat analysis or cyber resilience analysis. At the same time, you need to ensure you have data governance and owner or board of director protections in place in case of litigation.
Don’t take a pat answer from your IT folks or service provider that you’re all sorted and okay. Maybe, but maybe not.
We’re seen a distinct growth in just several months in the number of data governance and data breach readiness assessments we’ve done. We’ll write more on data breach preparedness soon, not just for news media, but most any business.