IT can decrease security risk through ISO 27000 and PCI

IT departments can reduce security risks by combining the flexibility of ISO 27000 with the requirements of PCI

Compliance-based security doesn’t always provide protection against determined attacks. This was the unfortunate case in the recent breaches of Target, Neiman-Marcus, and Michaels Stores. According to the investigation, the retail chain was aware that such a breach could happen, but it still ignored warnings.

“Michaels knew that its POS systems were vulnerable to attack. Dr. Neal Krawetz, a cyber-security expert, published a white paper in August 2007 alerting major retailers, including Target, to the risk of POS cyber-attacks,” said Tom Loeser, a Hagens Berman partner and former federal prosecutor in the Cyber and Intellectual Property Crimes Section of the U.S. Attorney’s Office in Los Angeles, in a statement.

Contributing Author

Amanda Ciccatelli

Amanda G. Ciccatelli is a Contributing Writer for InsideCounsel, where she covers the patent litigation space. Amanda earned a B.A. in Communications and Journalism from...
