March 12, 2020 •
After leaving the March 2-5 conference, I ate lunch at an open seating restaurant at the airport. Over lunch I educated two people on the latest Intelligence on credit card security and fraud, armed with new stats and insights I’d picked up at the MAC Level Up conference. This was proof positive that MAC delivers as it relates to educational content and relevance. In this post, I will share my biggest takeaways from the conference.
March 20, 2019 •
Counterfeit payment cards, stolen payment cards, use of an assumed identity to complete a credit card application… these are easily-recognizable examples of payment card fraud. When a fraud incident occurs in the retail setting, it’s often contained with only small losses occurring to the merchant involved. But what happens when a payment card data breach occurs at that same business? Are its causes and consequences basically the same?
Payment Security • Point of Sale
October 31, 2018 •
Once an obscure processing model for special situations, the business of payment facilitation is now burgeoning. There are many benefits to becoming a payment facilitator, including increased control over the user experience. Unfortunately, the same qualities that serve as benefits often raise the payment facilitator’s PCI risk.
August 28, 2017 •
These days many organizations do not feel confident about their ability prevent a data breach, mainly because they feel they can’t trust the humans working for them. And for good reason! Cyber criminals continue to exploit the human element, which was blamed for over 400 reported data breaches and 7.6 million+ compromised records in 2016.Regardless of whether the employee is knowingly part of a malicious effort, or is inadvertently involved in allowing an intrusion or other form of unintended disclosure, a breach of valuable data is not what you want to have happen. Therefore, you must minimize the human impact.
Risk Management • Security Awareness
November 15, 2016 •
Third party relationships make your life easier in a multitude of ways, from streamlining processes, to providing additional human resources, to ensuring operational efficiency. Unfortunately, these relationships also introduce increased business risk related to data security and compliance.If one or more of your third party vendors doesn’t maintain a strong security posture and is consequently compromised, your business could very well end up sharing the burden of recovery. Read this ControlScan blog post for three steps you can take to lessen your business’s third party risk.
Internet of Things • Network Security • PCI Compliance
December 2, 2014 •
Last week, Inc.com featured a great piece by Electronic Transactions Association CEO Jason Oxman. “A Cybersecurity Checklist for Online Retailers” lists important steps online startups and small businesses can take to protect sensitive data. As the U.S. migrates to EMV (i.e., chip cards), it is expected that fraud activity in the world of ecommerce will increase significantly.
Firewalls • Vulnerability Management • Website Security
October 22, 2014 •
The small- to medium-sized business owners I talk with are often surprised to learn that ControlScan hears from everyday consumers on a regular basis. The questions we are asked share a common theme: I’m worried that this business is not properly securing my personal information.
Point of Sale
October 21, 2014 •
According to independent research by the Identity Theft Resource Center (ITRC), 259 Medical/Healthcare facilities experienced a data breach event between January 1 and October 14 of this year. That is a staggering number, given that ITRC reported a total of 28 events for the entirety of 2013.
Malware • Security Awareness • Vulnerability Management
October 20, 2014 •
Lately it seems we’ve been operating in a world of “another week, another breach.” The constant bombardment of news featuring our favorite brands getting hacked typically creates one of two reactions: “Yeah, but I’m a little shop, so that can’t happen to me” or “I might as well not bother trying to prevent the inevitable.”
Network Security • Security Awareness • Vulnerability Management