April 19, 2015

Verizon is out with its annual cyber security report and while the findings are disturbing the good news is that retailers can thwart many a breach attempt by focusing on a handful of basic attack patterns. 

March 31, 2015

Home Depot, which was hit by a widely publicized data breach in 2014, has reportedly hired its first chief information security officer, according to the Wall Street Journal.

March 19, 2015

Target Corp. has agreed to pay $10 million in a proposed settlement of a class-action suit related to the company’s 2013 data breach, according to court documents filed Wednesday. The retailer confirmed the news in a CBS News report.

March 18, 2015

The National Retail Federation testified before Congress today on the need to pass a federal data breach notification law that applies to all entities that handle sensitive customer data. 

March 13, 2015

After a recent series of data breaches targeting both large and medium sized retailers, many companies are investing in technology that will help encrypt credit card data at the point of sale. Although this is a meaningful way to reduce risk, end-point encryption is not the silver bullet solution many retailers are hoping for. 

February 17, 2015

Describing cyberspace as the new "wild, wild West," President Barack Obama on Friday said that while everyone expects the government to be the sheriff, the private sector must do more to stop cyberattacks. 

January 27, 2015

The National Retail Federation reiterated its support Jan. 27 for a federal data breach notification standard as a congressional panel held a hearing on this issue, saying legislation should provide consumers with notice whenever a data breach occurs. 

January 27, 2015

The Retail Industry Leaders Association (RILA) says retailers support a strong pre-emptive federal data breach law that allows for reasonable and clear notice triggered by potential customer harm. 

December 22, 2014

Time and again in 2014 the vulnerability of retailers’ information systems became apparent with Staples the latest major chain forced to admit an inability to protect customers’ personal information.

December 12, 2014

Chief Information Security Officers (CISO) have become more common on companies’ senior leadership teams. They might be in even higher demand after the highly publicized data breaches at Target, Home Depot, Neiman Marcus and other companies in the past couple of years (see a timeline of data breaches in the past decade here). In fact, Neiman Marcus just hired its first CISO, Sarah Hendrickson. 

November 6, 2014

Jacqueline Hourigan Rice will join Target Dec. 1 as the retailer’s SVP of risk and compliance after holding a similar role at General Motors.

September 5, 2014

Several Home Depot customers have filed a class action lawsuit in the United States District Court for the Northern District of Georgia, Atlanta Division, alleging that Home Depot failed to meet its legal obligation to protect their credit card and personal information.

June 4, 2014

As if having to deal with the rising threat of data breaches weren’t already enough for retailers, many continue to struggle to make sense of today’s rough patchwork of federal and state data breach laws.

March 31, 2014

It looks like one year of free credit monitoring has become the new industry standard for retailers looking to placate customers potentially affected by a data breach.

February 21, 2014

“Ongoing investigation.” “Forensics and law enforcement continue to investigate.” For now, it is a bit too early to write the “Lessons Learned” piece about the Target/Neiman Marcus/Michaels data breach incident. But there are a few things that were known before these latest payment card/database breaches occurred and should be put into context in light of what we are currently investigating.

February 18, 2014

The Retail Industry Leaders Association (RILA) has entered into a partnership with the National Cyber-Forensics and Training Alliance (NCFTA) to enhance cybersecurity information sharing and expand retailers’ proactive and vigilant approach to cyber threats to protect consumers against criminals.

February 13, 2014

Retail and financial trade associations have banded together to combat cyber crime in wake of the Target data breach.

December 19, 2013

Target early Thursday confirmed widespread media reports that it suffered a major data breach that affected as many as 40 million credit and debit card transactions during a period that began the day before Thanksgiving through December 15.

December 20, 2012

Symantec, a global leader in security, backup and availability solutions, has appointed Stephen Gillett as its EVP and COO.