Security & Fraud

OTA: 90% of 2014 Data Breaches Preventable

Last year saw a number of high-profile hacks make the news, such as the publishing of naked pictures of celebrities and the massive data grabs from retail giants Target and Home Depot. While everybody was quick to point fingers at malicious hackers, the Online Trust Alliance on Jan. 21 determined that these were part of the 90 percent of hacks that were preventable, had these celebrities and companies been prepared.

The OTA, a nonprofit group focusing on enhancing user-friendly Internet access and data security, chronicled the ways that businesses and people were losing their personally identifiable information (PII). The findings indicate that 40 percent was the result of external intrusions, 29 percent was, accidentally or maliciously, perpetrated by employees within the company due to lack on internal controls, 18 percent were a result of lost or stolen devices, while 11 percent were due to social and engineering fraud.

Hoping to rectify this problem, the OTA identified the 12 most critical, yet achievable, security practices that all companies should follow, as well as collaborating on a framework detailing how to complete an assessment of internal as well as third-party security practices. Among these practices include enforcing effective password management, assessing security protocols of cloud-based partners (which would have kept those naked pictures in the celebrities’ smartphones), and segregating internal systems to prevent hackers from accessing sensitive material in one go (which would have been useful for Target and Home Depot).

The Data Protection & Best Practices Guide and the Risk Assessment Guide, released with this report, contain these and other best practices for businesses to follow. A series of town halls will be held over the next few weeks in Silicon Valley (Jan. 28), New York (Feb. 3), and Washington, D.C. (Feb. 5).

——————————

LIVE PYMNTS ROUNDTABLE: MODERNIZING & SCALING FOR THE NEW NORMAL

The pressure on banks to modernize their payments capabilities to support initiatives such as ISO 20022 and instant/real time payments has been exacerbated by the emergence of COVID-19 and the compelling need to quickly scale operations due to the rapid growth of contactless payments, and subsequent increase in digitization. Given this new normal, the need for agility and optimization across the payments processing value chain is imperative.

Click to comment

TRENDING RIGHT NOW