Sorting Out the Consequences of PCI Data Security Noncompliance

A Q&A with David Navetta of Information Law Group
The Payment Card Industry (PCI) Security Standards Council Data Security Standards (DSS) were established in 2006, but that’s only one piece of the payment card liability puzzle. Merchants are also held to card brand rules via their merchant and other contractual arrangements with merchant banks or the card brands. I spoke with Dave Navetta, a founding partner of InfoLawGroup LLP, about the types of consequences retailers can face during a data breach.

The Truth in the Numbers: Data Breach Analysis

A Q&A with Patrick Florer of Risk Centric Security
While it’s easy to get caught up in the splashiest current news story about a particular breach, analyzing a broader swath of cyber security data can give us a more vivid and sometimes more precise picture of the real risks facing organizations today. I spoke with Patrick Florer of Risk Centric Security about what precisely constitutes a data breach and what the statistics show us.

Man in the Middle Attacks: A New Line of Defense

A Q&A with Norm Brogdon of Data Stream Protector
Much like eavesdropping, man in the middle (MITM) attacks allow a perpetrator to imperceptibly steal data—a malicious and insidious threat that has been underreported in the media. I spoke with Norm Brogdon of Data Stream Protector about the MITM exploit and how it can be stopped.
