Retail Privacy Network

Data Matters

You are invited to join privacy professionals in the retail sector for topical conversation, learning and networking at the first Retail Privacy Network meeting. This interactive meeting will include hot topics in UK/EU data privacy and cybersecurity with practical case studies on retail industry issues. The post Retail Privacy Network appeared first on Data Matters Privacy Blog.

ThreatList: Most Retail Hardware Bug Bounty Flaws Are Critical

Threatpost

Overall, across all retail programs, more than 18 percent of all bug bounty submissions are critical in severity, a new Bugcrowd report found.

Retail Banks’ Lofty Goals and Where to Start

InfoGoTo

Retail banks in the United States face a whole host of challenges including customer confidence, regulatory compliance, attracting new customers, cybersecurity, utilizing big data and mastering social media, to name a few. Given these challenges, it’s not so surprising that retail banks would align their priorities with these challenges. This is why being able to successfully execute big data and advanced analytics is so important for retail banks.

Are Data Breaches the New Reality for Retail?

Thales eSecurity

As digital transformation takes hold, the retail industry is under siege from cyber criminals and nation states attempting to steal consumers’ personal information, credit card data and banking information. retailers experiencing a breach in the last year.

Securing Retail Networks for an Omnichannel Future

Dark Reading

Retailers who haphazardly move to digital from a brick-and-mortar environment can leave their businesses open to significant cybersecurity vulnerabilities. Here's how to avoid the pitfalls.

CGI Client Global Insights: A look at top retail banking trends and priorities

CGI

We summarize the findings and insights from these discussions in the CGI Client Global Insights retail banking report.

Hunton Publishes Retail Year in Review

Hunton Privacy

On January 18, 2018, Hunton & Williams LLP’s retail industry lawyers, composed of more than 100 lawyers across practices, released their annual Retail Year in Review publication. The Retail Year in Review includes several articles authored by our Global Privacy and Cybersecurity lawyers, and touches on many topics of interest including blockchain, ransomware, cyber insurance and the Internet of Things.

Cybersecurity Insurance

Schneier on Security

Companies like retailers, banks, and healthcare providers began seeking out cyberinsurance in the early 2000s, when states first passed data breach notification laws. Good article about how difficult it is to insure an organization against Internet attacks, and how expensive the insurance is.

Lessons for In-House Counsel from Cybersecurity’s Front Lines

HL Chronicle of Data Protection

Recent developments reinforce the urgent need for general counsel and legal departments to deepen their focus on cybersecurity. Lessons for In-House Counsel from Cybersecurity’s Front Lines was written by members of the Hogan Lovells Privacy and Cybersecurity practice Peter M. In today’s environment, any organization can be the target of a cyberattack, regardless of industry, size, or geographic footprint.

The Cost of Dealing With a Cybersecurity Attack in These 4 Industries

Security Affairs

A cybersecurity issue can cause unexpected costs in several different areas. What is the cost of dealing with an attack in 4 industries? And, the costs go up if the health care facility does not have a cybersecurity response plan to use after an attack gets identified. Retail. Statistics from 2016 showed that the average cost per compromised retail record was $172.

National Cybersecurity Alliance advocates ‘shared responsibility’ for securing the Internet

The Last Watchdog

NCSA operates the StaySafeOnline website that provides a variety of cybersecurity educational resources and programs. Schrader: We are a leading nonpartisan, nonprofit group that’s very involved as a convener of experts to talk about a number of the top issues in cybersecurity. We also have a lot of educational programs that reach far beyond the insular, cybersecurity expert areas. A large retailer may spend millions on cyber security. The targeting of Sen.

Port Covington, MD re-emerges as ‘CyberTown, USA’ — ground zero for cybersecurity research

The Last Watchdog

When CyberTown, USA is fully built out, its backers envision it emerging as the world’s premier technology hub for cybersecurity and data science. DataTribe, a Fulton, MD-based cybersecurity startup incubator, has been a key backer of this ambitious urban redevelopment project, which broke ground last October in Port Covington, MD, once a bustling train stop on the south side of Baltimore.

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

or MEDC, I’m prepared to rechristen Michigan the Cybersecurity Best Practices State. My reporting trip included meetings with Michigan-based cybersecurity vendors pursuing leading-edge innovations, as well as a tour of a number of thriving public-private cybersecurity incubator and training programs. What’s noteworthy, from my perspective, is that Snyder had the foresight to make cybersecurity readiness a key component of his reinvent Michigan strategy, from day one.

UK ICO Issues Unprecedented Fine Against Mobile Phone Retailer for Lax Security

Hunton Privacy

On January 8, 2017, the UK Information Commissioner (“ICO”) issued an unprecedented monetary penalty of £400,000 against British mobile phone retailer, The Car Phone Warehouse Limited.

The Ecommerce Surge: Guarding Against Fraud

Data Breach Today

As more consumers shift to online shopping during the COVID-19 pandemic, retailers must ramp up their efforts to guard against ecommerce payment fraud, says Toby McFarlane, a cybersecurity expert at CMSPI, a payments consultancy.

From channel to customer: How an omni-channel experience is the key to the retail industry’s success

CGI

Is the hype around the retail store being dead simply that, hype? Retailers that are thriving in today’s disrupted and highly competitive environment have transformed the role of the brick-and-mortar store to effectively bridge the gap between the physical and digital worlds. One of the largest sporting goods retailers is a good case in point.

Cybersecurity Identified as an SEC OCIE Examination Priority for 2018

Data Matters

On February 7, 2018, the SEC’s Office of Compliance Inspections and Examinations (OCIE) released its 2018 National Exam Program Examination Priorities (2018 Exam Priorities) and, once again, identified cybersecurity as one of its main areas of focus. According to OCIE, each of its examination programs will prioritize cybersecurity. OCIE emphasized the “critical” importance of cybersecurity protection to market operation and the far-reaching effects of cyber threats.

Recent Risk Alerts by SEC OCIE Highlight Privacy and Cybersecurity Issues in Examinations

Data Matters

The SEC’s Office of Compliance Inspections and Examinations (OCIE) released two Risk Alerts, on April 16, 2019 and May 23, 2019, highlighting the importance of privacy and cybersecurity compliance for SEC-registered investment advisors and broker-dealers under Regulation S-P. As previously covered on Data Matters, OCIE has consistently identified cybersecurity as one of its main areas of focus for examinations.

4 Industries That Have to Fight the Hardest Against Cyberattacks

Security Affairs

Recent demonstrations from cybersecurity researchers have shown how it’s possible to hack into medical devices like pacemakers or insulin pumps. So, if nonprofit leaders want to devote more money to cybersecurity, they may feel too financially strapped to make meaningful progress. Also, nonprofits may feel overwhelmed about where to start as they learn about cybersecurity. Retail. Despite those risks, retailers make blunders when budgeting for cybersecurity.

Joker's Stash Advertises Second Batch of Indian Card Data

Data Breach Today

Haul of 460,000 Bank Cards Retailing for $4.2

Cybersecurity impact of Covid-19: Q&A with CISO Myke Lyons

Collibra

So we took a moment to ask our CISO Myke Lyons his thoughts on the cybersecurity impact of Covid-19. Prior to coronavirus, how would you describe the global state of cybersecurity? Even large retailers might employ people in stores to greet you and help you, but at the end of the day, they are a technology company and need the appropriate tools to keep all their data secure. The post Cybersecurity impact of Covid-19: Q&A with CISO Myke Lyons appeared first on Collibra.

2018 Predictions – Rise of IoT adoption will increase cybersecurity attacks

Thales eSecurity

With 2018 approaching, I have been thinking about what will happen in the cybersecurity landscape and would like to make some predictions for the year ahead. For example, Apple Pay is already potentially limitless, although most retailers will have a maximum spend of about 40 dollars, which is linked to the liability that most issuers are prepared to accept for a single transaction.

Spotlight Podcast: At 15 Cybersecurity Awareness Month Grows with Cyber Risk

The Security Ledger

In this Spotlight Podcast, sponsored by RSA: October is Cybersecurity Awareness Month. But what does that mean in an era when concerns about cybersecurity permeate every facet of our personal and professional lives? Russ Schrader of the National Cybersecurity Alliance (NCSA) and Angel Grant of RSA join us to discuss the history of Cybersecurity.

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Data Matters

OCIE’s 2020 Examination Priorities for broker-dealers and investment advisers include the protection of retail investors (including compliance with new standard of care requirements and interpretations), cyber and information security risks, anti-money laundering compliance, firms engaging in the digital asset space and the provision of electronic investment advice. Protection of Retail Investors. Retail-Targeted Investments. Cybersecurity. The U.S.

RH-ISAC's Role in Countering Threats

Data Breach Today

Tommy McDowell, Vice President, on the Value of Information Sharing. In response to large data breaches, the retail and hospitality industry formed the RH-ISAC to serve as a central hub for sharing sector-specific cybersecurity information and intelligence, says Tommy McDowell, vice president, who explains how ISACs' roles are changing.

The Rise of “Bulletproof” Residential Networks

Krebs on Security

In late April 2019, KrebsOnSecurity received a tip from an online retailer who’d seen an unusual number of suspicious transactions originating from a series of Internet addresses assigned to a relatively new Internet provider based in Maryland called Residential Networking Solutions LLC. All too often, it seems, the people who profit the most in this scheme are using multiple sets of compromised credentials from consumer accounts at online retailers, and/or stolen payment card data.

E-Skimming Strikes Again: Macy’s Confirms Magecart Data Breach

Adam Levin

In a letter to affected customers, the retailer said that it had detected malware on its e-commerce website on October 15 and that it had been active for a little over a week. Magecart attacks are a growing threat to online retailers and e-commerce sites, where rogue code is inserted into sites to “skim” customer card information.

New Areas Ripe for Exploitation in 2018

Data Breach Today

Dave DeWalt, former CEO of McAfee and FireEye, identifies the next generation of cybersecurity threats in the latest edition of the ISMG Security Report. Also featured: an analysis of the recent news of the Meltdown and Spectre microprocessor flaws and the POS malware attack on retailer Forever 21.

How to compete in the cybersecurity talent tug of war

CGI

Across business and technology media alike, I’ve seen frequent coverage of the hundreds of thousands of cybersecurity and IT security job openings that are not getting filled. Additionally, IT security jobs are no longer limited to the technology industry, as law enforcement, commercial retailers, and other sectors are all pulling from this same limited pool of resources. Advocate for cybersecurity curriculums.

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

Adam Levin

What would happen if you typed in “Amazon,” the corresponding domain popped up, and you clicked, but instead of finding the world’s largest online retailer, you landed on a 1980s WarGames-themed page with a laughing skull?

Hogan Lovells Privacy and Cybersecurity Practice Ranked as a Top-Tier Practice by Chambers USA for 8th Consecutive Year

HL Chronicle of Data Protection

Chambers USA recently released its 2019 rankings and we are pleased to announce that Hogan Lovells’ Privacy and Cybersecurity (PaC) practice once again received Band 1 recognition by Chambers USA. A highly talented roster of attorneys advising clients on major data breaches and complex policy matters across a multitude of industries, including retail, automotive and media.”

Experts report a rampant growth in the number of malicious, lookalike domains

Security Affairs

Cyber security firm Venafi announced it has uncovered lookalike domains with valid TLS certificates that appear to target major retailers. is a private cybersecurity company that develops software to secure and protect cryptographic keys and digital certificates. Ahead of the holiday shopping season, security experts from Venafi conducted a study of typosquatted domains used to target 20 major retailers in the United States, the United Kingdom, Australia, Germany, and France.

FIN7 hackers target enterprises with weaponized USB drives via USPS

Security Affairs

One of these attacks was analyzed by experts from Trustwave; one of the clients of the cybersecurity firm received a letter, supposedly from Best Buy, giving out a $50 gift card to its loyal customers. The packages have been sent to several businesses, including retailers, restaurants, and hotels.

Hunton’s Global Privacy and Cybersecurity Practice Tops Chambers Rankings

Hunton Privacy

Hunton & Williams LLP is pleased to announce that Chambers and Partners has listed the firm’s Global Privacy and Cybersecurity practice in Band 1 in the 2014 Chambers Global guide. Chambers Global noted that the firm is “widely considered to be at the cutting edge” of data protection work in the United States, United Kingdom and European markets, with clients that include “major global players in the technology, financial services and retail sectors.”

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

Data Matters

OCIE’s 2020 Examination Priorities for broker-dealers and investment advisers include the protection of retail investors (including compliance with new standard of care requirements and interpretations), cyber and information security risks, anti-money laundering compliance, firms engaging in the digital asset space and the provision of electronic investment advice. Protection of Retail Investors. Retail-Targeted Investments. Cybersecurity. The U.S.

SEC Announces Examination Priorities for 2019

Data Matters

The priorities are organized around six themes: (a) retail investors, including seniors and those saving for retirement; (b) compliance issues and risks associated with entities responsible for critical market infrastructure, including clearing agencies, national securities exchanges, the Financial Industry Regulatory Authority (FINRA), the Municipal Securities Rulemaking Board (MSRB), transfer agents and other Regulation Systems Compliance and Integrity (Regulation SCI) entities (i.e.,

SEC Office of Compliance Inspections and Examinations Publishes 2018 Exam Priorities

Data Matters

As has been widely reported, the Exam Priorities’ general focus areas include: retail investors. cybersecurity. The majority of these Exam Priorities are not surprising because they reflect the Commission’s continued focus on retail investors, conflicts of interest, fee disclosure, cybersecurity, cryptocurrency and AML programs. A Continued Focus on Retail Investors – what does this mean? Indeed, retail funds have been a Commission focus for many years.

URGENT: CFTC Warns Registrants of Cyber Threats and Requests Information by January 10 and/or January 20

Data Matters

Another was directed to commodity pool operators (CPOs), commodity trading advisors (CTAs), introducing brokers (IBs) and retail foreign exchange dealers (RFEDs). On January 3, 2020, the Division of Swap Dealer and Intermediary Oversight (DSIO) of the U.S.

Wipro Intruders Targeted Other Major IT Firms

Krebs on Security

On Monday, KrebsOnSecurity broke the news that multiple sources were reporting a cybersecurity breach at Wipro, a major trusted vendor of IT outsourcing for U.S. The subdomains listed above suggest the attackers may also have targeted American retailer Sears; Green Dot, the world’s largest prepaid card vendor; payment processing firm Elavon; hosting firm Rackspace; business consulting firm Avanade; IT provider PCM; and French consulting firm Capgemini, among others.

Confessions of an ID Theft Kingpin, Part II

Krebs on Security

billion in new account fraud at banks and retailers throughout the United States, and roughly $64 million in tax refund fraud with the states and the IRS. Ngo said while he would like to one day get a job working in some cybersecurity role, he’s in no hurry to do so.
