Distributed Denial of Service (DDoS) has long been common, but there's evidence that these types of attacks are on the rise, posing yet another threat to retailer systems.
With the latest attacks at some of the nation's largest retailers, the pressure's on for all businesses to demonstrate they're doing whatever it takes to keep their customers' confidential information safe and out of the hands of the bad guys. With headlines changing every day on what actually happened and how, many are unsure of where to begin making changes to protect their own businesses. The truth is, many of the greatest protective measures to secure confidential information are also the simplest. While attacks have incrementally gained in sophistication, they can often still be detected and stopped before the damage has been done.
Hackers set off roughly 60,000 alerts in Neiman Marcus' security system, alerts that were ignored, during an attack that compromised customer account information during a four-month period in 2013.
A new app helps companies with data breach notification compliance. The free app was developed by the law firm Fox Rothschild to help retailers better understand the myriad state laws, federal statutes and additional resources. Breach notification compliance is challenging "because we don't have a national standard or a federal statute on data breach notification, but we have literally 46 different state [laws]," said Scott Vernick, a partner at the law firm, in an interview with Information Security Media Group. "We just thought that we would try to create something that would be useful to privacy professionals and in-house counsel who are trying to respond to breaches by putting information at their fingertips."
A new Verizon report has found that many businesses, following their annual assessment for meeting the Payment Card Industry Data Security Standard, fail to maintain ongoing compliance, putting the businesses at an increased risk for data breaches and the subsequent financial repercussions and damage to their reputations.
The Retail Industry Leaders Association (RILA) announced the latest in a string of partnerships to enhance cybersecurity in the wake of data breaches at several retailers including Target, Neiman Marcus and Michaels Stores. The new partnership with the National Cyber-Forensics and Training Alliance (NCFTA) is positioned to enhance cybersecurity information sharing and expand retailers' proactive and vigilant approach to cyber threats to protect consumers against criminals. Partnering with the NCFTA is one of several approaches RILA is taking to enhance collaboration across the entire payments system. Last week, RILA announced it is joining forces with the Financial Services Roundtable to lead a partnership between the merchant and financial services industries.
Target computer security personnel may have raised concerns about potential vulnerabilities in the retailer's system in advance of the November 2013 data breach.
It is so unfortunate and strange that Target's massive data breach can be traced back to one vendor. An HVAC vendor at that. However, that is what investigators found after the months-long investigation into the breach.
The massive card breach that cost Target, Michaels and other retailers millions of dollars is likely what fueled new policy goals from the Retail Industry Leaders Association (RILA).
Target will adopt chip and PIN technology six months ahead of Visa and MasterCard's October 2015 deadline as executives push for wider adoption of the technology.