Is it me or do the headlines regarding compromised Point of Sale (POS) systems keep increasing in frequency? Let’s not kid ourselves, there have been some pretty big breaches …Target, Home Depot, Apple iCloud, and as of today, Jimmie John’s. To cyber attackers retail is the new banking sector!
One of my best friends, Don, is a plumber and also a Captain in the Newark, New Jersey Fire Department. This guy works harder than anyone I know, and he’s probably one of the brightest guys I know. I always tease him that he should write a book called “Everything You Need to Know in Life You Can Learn from Your Plumber.”
Interestingly, his solutions are always equated to how he would approach a technical problem from a plumber’s standpoint.
FLY ON THE WALL
A conversation with Don:
RC: “Did you hear about Home Depot getting breached by a cyber attack?”
Don: “I don’t understand what’s so difficult. Let me tell you what we do in plumbing. When a home owner doesn’t like what’s coming through the pipes, like the way the water looks or tastes, we test the water. Based on the water test results, we can put on layers of water treatment solutions to eliminate the threats, and then we can offer periodic testing. In fact, there are systems now that can do real-time monitoring of water quality and alert us when there is a change.”
RC: “First it was Target, and now it’s Jimmie John’s … who’s next?”
Don: “In plumbing, water finds the path of least resistance, even the tiniest of holes in a pipe or structure will, over time, be found and exploited. Next thing you know, the hole gets bigger and things get ruined. There is always constant isometric pressure of water inside your home or business, and if it’s not contained properly, it will run amuck. This cyber problem sounds no different to me than what I deal with daily.”
RC: “It’s scary stuff and every time I pull out my credit card to pay for something at a store, I think twice now.”
Don: “Rob, that’s why cash is king. Let those cyber idiots try to interfere with that transaction. If I don’t have the cash, guess what? I don’t buy it. Cards are for convenience, at the cost of security and trust, and it’s obvious to me that stores aren’t smarter than the bad guys, so why should I entrust them with access to my identity, which could lead to my money. The hackers always win.”
Don: “I don’t understand why everyone doesn’t use PSC’s software security service. No plumber is allowed to self-inspect his or her own work. There are companies out there building pretty cool and important stuff with software, and I don’t understand why they trust themselves more than your company to offer an outside opinion. I don’t get it.”
RC: “It’s not an easy answer. Companies do what they feel is right, and oftentimes, that decision is tied to how it impacts revenue or competitiveness in the marketplace. Our customers realize the software security and quality battle is about data and not what technologies are used to identify the issues. Once they make this shift, it begins cascading through the culture of their company to be driven by data instead of opinions. I’m sure in your business there are homeowners who install their own under-the-sink filtration systems and then never check their water again or don’t change their filters regularly. They feel safe because they have purchased the “tool” that is supposed to catch the harmful things. Essentially, they are making their water potentially worse for their family. There will always be someone out there that you will never convince that you can do a better job and approach their water problem from a different perspective and provide better tasting water beyond their imagination. To them you’re just the plumber that only fixes pipes and not water quality problems. It’s no different in my business.”
Don: “Hm … but my customers aren’t building things that could potentially kill someone, cause the market to crash or cause damage to their brand in the market. You won’t find me shopping at Home Depot anymore.”
Don makes a valid point, right? This, of course, is why I have been urging him to write a book – believe me, his brilliance doesn’t stop at the current state of cyber security in retail.
I don’t know if Apply Pay will save the day or Bitcoin or Zerocash. What I do know is that companies need to put aside more of their budgets to address cyber security on an ongoing basis. An unbiased opinion can provide valuable information that could make or break the future of your brand and the loyalty of your customers.
PSC Vice President, DCG Sales