Security Challenges in the 21st Century: The Target Breach
Project and Program: Enterprise Data Center
, Security and Compliance
, SHARE in Pittsburgh 2014
Credit and debit cards—whether using magnetic stripes, EMV (“Chip and PIN”), or near-field communication (NFC)—are an established feature of world commerce, built on embedded devices, complex networks, and high-performance back-end computer systems.
And we’ve all heard about the Target data breach (and Neiman Marcus, and Adobe, and Sony, and…)
But what really happened? Why is such an essential part of modern life so vulnerable? How does this ecosystem really work? What are enterprise payment systems’ vulnerabilities and security gaps, and how can we defend them?
As these breaches repeatedly demonstrate, simply keeping physical cards secure is no longer sufficient—and neither is protecting IT perimeters of card processing systems. Millions of card numbers have been breached at all system layers, despite companies’ best efforts to secure themselves at a system level. The Payment Card Industry Data Security Standard (PCI DSS) publishes excellent guidelines to help secure data, but many breaches occur despite flying colors PCI DSS compliance assessments.
Come learn about how the payments ecosystem works, what really happened at Target, how the threat landscape is evolving, what attackers are doing, and how merchants and processors are trying to stay ahead of attackers.-Phil Smith-Voltage Security, Inc.
Back to Proceedings File Library