HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED 7 MINUTES AGO.
You are here: Home / Network Security / IT Can Learn from Target Breach
Neustar, Inc.
Protect your website & network using real-time information & analysis
www.neustar.biz
What Can IT Learn from the Target Breach?
What Can IT Learn from the Target Breach?
By Jennifer LeClaire / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
DECEMBER
26
2013
With the Department of Justice investigating the credit and debit card security breach at Target, IT professionals are also digging deeper into learnable lessons from what industry watchers are calling the second largest breach in U.S. history.

We turned to James Lyne, global head of security research at Sophos, for his thoughts on the breach, which led to the theft of about 40 million credit and debit card accounts between Nov. 27 and Dec. 15. Only the TJX Cos. scam took a heavier toll on customers, impacting about 45.7 shoppers in 2005.

“It is claimed to be data stealing code on the terminals handling transactions though details are scarce,” Lyne told us. “This means widespread deployment of malicious code across many terminals raising the question of how this made it through the build checks and whitelisting into Target’s standard. Even still, more details may come to light shortly but we should assume the worst.”

Encryption 101

According to Lyne, loss of the track information from the credit cards is particularly nasty as it can allow for card cloning. That said, he continued, just the cardholder’s name, card and security code has the potential for widespread online ordering fraud.

“Such sensitive information should always be encrypted, segmented and carefully secured,” Lyne said. “A loss of such a late stockpile of cards indicates poor architectural and business process practices -- though the full details of the root cause are not entirely known yet. Target is just another name to add to the list of financial data breaches this year, though this could be one of the largest yet.”

Lyne’s conclusion: It is critical that organizations handling such data take steps to protect it -- such large volumes of data should never be accessible by one user or process -- should be encrypted to segment the data and should be detected if an export of such size occurs.

Monitoring and Control

Kevin O’Brien, director of product marketing at CloudLock, is looking for the lessons going forward. From his perspective, as companies move their data into the cloud, the risk vector that most often receives little attention from internal security is around data and account security for the platforms in use, such as Google Apps, Salesforce, Box, and so on.

“There is a misconception that because the systems themselves are managed by the cloud vendor, security is a given. In the same way that Target should have been watching who had access to their POS terminals and what third-party apps were installed on it, organizations need to implement monitoring and control systems in their cloud environment,” O’Brien said.

“Know where your high-value data lives, and employ a defense-in-depth strategy whereby all access routes to that data are monitored automatically, ensuring that accidental or intentional exposure can be quickly detected and remediated,” he added.

Tell Us What You Think
Comment:

Name:

Ulf Mattsson :
Posted: 2013-12-27 @ 7:36am PT
I agree that it is important to “Know where your high-value data lives, and employ a defense-in-depth strategy ...”.

There are innumerable ways that data thieves can attack and penetrate your network. I think that "a defense-in-depth strategy" should secure the data itself and not only secure all access routes that data thieves can use. Every organization, especially those that handle card holder data, should operate under the assumption that sooner or later, they will be breached.

Monitoring is not enough and the new best practices to protect sensitive data and the data flow throughout the enterprise are designed with this assumption in mind. I recently read an interesting report from the Aberdeen Group that revealed that "Over the last 12 months, tokenization users had 50% fewer security-related incidents(e.g., unauthorized access, data loss or data exposure than tokenization non-users". The name of the study is "Tokenization Gets Traction".

Ulf Mattsson, CTO Protegrity

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Neustar, Inc. (NYSE: NSR) is a trusted, neutral provider of real-time information and analysis to the Internet, telecommunications, information services, financial services, retail, media and advertising sectors. Neustar applies its advanced, secure technologies in location, identification, and evaluation to help its customers promote and protect their businesses. More information is available at www.neustar.biz.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.