The Target Breach and Beyond: Security Challenges in the 21st Century
Project and Program:
Enterprise Data Center,
Security and Compliance
Tags:
Proceedings,
SHARE in Orlando 2015,
2015
Credit and debit cards—whether they use magnetic stripes, EMV (“Chip and PIN”), or near-field communication—are an established feature of world commerce, built on embedded devices, various networks, and high-performance back-end computer systems.
We’ve all heard about the Target data breach (and UPS, and Nieman-Marcus, and Adobe, and Sony, and…). And most of us have had a credit card replaced because the bank contacted us about a bogus charge.
How can such an essential part of modern life be so vulnerable? How does this ecosystem really work? What are its vulnerabilities and security gaps, and how can we defend them?
As events have proven, simply keeping your physical card secure is no longer sufficient —and neither is protecting the IT perimeters of card processing systems. Millions of card numbers have been breached at all layers of the system, despite companies’ best efforts to secure at a system level. The Payment Card Industry Data Security Standard (PCI DSS) lays down excellent guidelines to help secure data, but many breaches have occurred despite passing PCI DSS compliance assessments.
Come learn about how the payments ecosystem works, what really happened at Target, how the threat landscape is evolving, what the attackers are doing, and how merchants and processors are reacting to stay ahead of the attackers.-Phil Smith-HP Security Voltage
Back to Proceedings File Library