It's been a year now since the Target breach kicked off a dizzying series of security incidents that have impacted merchants and banking institutions alike. What lessons have been learned, and how can banks and merchants work together to prevent further breaches? Join us for an interactive discussion about the unique security challenges facing retailers and banking institutions. Based on their extensive breach response experience, the panelists will discuss new strategies to both defend against and respond to a breach.
Attendees will learn:
Best practices for responding to a breach;
Why it's critical to shift from system scanning and periodic monitoring to continuous security - as well as how to do it;
About the PCI community's evolving perspective on retail technology (hint: there is no silver bullet);
How to combat the increased threats in the face of overextended systems and extreme volume.
A number of high-profile retailers experienced breaches during the 2013 holiday season, which led to unprecedented repercussions such as brand damage, increased audit scrutiny and loss of market share. Increased transaction volumes and staff distractions, coupled with organizational system holiday freeze periods, can leave your systems exposed, potentially giving "Black Friday" a whole new meaning.
So how can your organization stay out of the headlines as the 2014 holiday season kicks into high gear?
Join us for an interactive discussion, where we'll discuss security approaches that can help retailers maintain continual vigilance over their cardholder environments in this constant state of compromise. We'll dig into ways that organizations can prepare for a breach, including developing a robust response strategy. Finally, we'll look ahead toward 2015 and explore proactive steps that merchants and banks need to take to stay compliant and secure.
Author of "The Computer Incident Response Planning Handbook" published by McGraw-Hill and available on Amazon.com. He works for a Fortune 100 retailer and his management responsibilities have included: ISOC, several CIRPs, ERM (IT) and Corporate Privacy Awareness training. Neal's extensive bio can be found on the Amazon page for his book. Neal also provides consulting to organizations and can be reached at NKMcCarthy@aol.com.
Solutions Architect, Bit9
Joel Rising has 25 years' experience with information technology. After 10 years as an IT Guy at university, where he was considered a security innovator and good neighbor, he transitioned to enterprise security startups, focused primarily on information and endpoint. Joel leads the Solutions Architects Team at Bit9, assigned to major enterprise accounts, and responsible for technical best practices. He cares about connecting people and technology through the medium of process, believing that technology can win the day but that the human element is what changes the game.
Sr. Director, Compliance and Governance Programs, Carbon Black
Strand leads Carbon Black's IT governance, audit and compliance programs. With more than 20 years of information technology and compliance experience, he oversees the development of enterprise network and application security solutions that help organizations deploy positive security to maintain and improve their compliance posture. Previously, Strand held security/compliance positions at Trustwave, Tripwire, EMC/RSA, and Compuware. A PCI Professional (PCIP) and trained Quality Security Assessor (QSA), he also has been certified on and is proficient with other regulatory disciplines including HIPAA, North American Electrical Reliability Corporation (NERC) and Gramm-Leach-Bliley Act (GLBA). Strand regularly speaks about security and compliance issues and best practices on webinars and at industry conferences. He has authored several white papers, published articles in security industry journals, and is frequently quoted by leading media outlets.