CISOs still struggle for respect from peers
Chief information security officers (CISOs) continue to have a hard time gaining the respect of other C-suite executives despite the heightened focus overall on information security.
Chief information security officers (CISOs) continue to have a hard time gaining the respect of other C-suite executives despite the heightened focus overall on information security.
Security SNAFUs? How bad is it so far this year? Well, let's start with Snapchat's 4.6 million user database SNAFU, followed by a parade of retail stores including Neiman Marcus and Sally Beauty Holdings, telling their customers how their payment card information had been hacked. The hacker group Syrian Electronic Army was also busy tormenting Microsoft, among many others. And there's plenty of other mischief, such as denial-of-service attacks and cyber-espionage to round out what's only the first half of the year.
Security SNAFUs? How bad is it so far this year? Well, let's start with Snapchat's 4.6 million user database SNAFU, followed by a parade of retail stores including Neiman Marcus and Sally Beauty Holdings, telling their customers how their payment card information had been hacked. The hacker group Syrian Electronic Army was also busy tormenting Microsoft, among many others. And there's plenty of other mischief, such as denial-of-service attacks and cyber-espionage to round out what's only the first half of the year.
A large batch of stolen credit card numbers for sale on an underground forum may have come from a breach at P.F. Chang's China Bistro, a US restaurant chain that said on Tuesday it is investigating.
Sally Beauty Holdings confirmed Monday that it fell victim to a data breach, an incident that may have coincided with a project to update point-of-sale terminals at its U.S. stores, a recent regulatory filing shows.
Target said Thursday it investigated but ultimately dismissed early signs of a data breach, a decision it likely regrets after suffering one of the largest payment-card and personal-data breaches on record.
The U.S. Congress should pass a law requiring businesses that have lost customer information in cyberattacks to notify those affected, U.S. Attorney General Eric Holder said Monday.
Neiman Marcus has revised downward the number of credit and debit cards exposed in a data breach, from 1.1 million to 350,000, according to a notice posted Friday on its website.
Recent data breaches at Target and Neiman Marcus were sophisticated attacks not detected by robust cybersecurity measures, executives with the two companies told U.S. lawmakers.
One in three data breach victims in 2013 later experienced fraud, according to a survey released Wednesday, a sharp increase that doesn't bode well for millions of Target shoppers.
The failure of U.S. financial institutions and retailers to implement more robust cybersecurity measures, such as the smart-card technology widely used in Europe, was questioned and criticized by members of the U.S. Senate Judiciary Committee at a hearing Tuesday.
The head of the organization in charge of maintaining security controls over credit card transactions insisted Monday that its standards remain solid despite the concerns raised by data breaches at Target and other companies.
Payment card data was stolen during the past three months from several dozen retailers that had their point-of-sale systems infected with a memory-scraping malware program called ChewBacca.
Michaels, a large U.S.-based arts and craft store chain, said Saturday it is investigating a possible data breach after suspicious activity was detected on payment cards used at its stores.
The data breaches at Target and Neiman Marcus have re-ignited a campaign by retailers to get U.S. consumers to carry "PIN and chip" credit and debit cards instead of less-secure magnetic stripe cards. Lost in the debate are mobile payments using NFC smartphones.