Target was not on target with its cyber security quality control program. The customer data for at least forty million credit cards were stolen by creative cyber crooks who created an insidious virus that stored and forwarded the customer information encoded on credit cards used at Target terminals in stores. Now these brazen crooks are selling the information in overseas online marketplaces. The specific situation that facilitated this mega heist is actually fairly common and impacts the ticketing and payment programs of almost all professional sports teams. Target used a subcontractor.
Business leaders are stepping up to the plate to try to begin to limit the scale of data breaches in the future. This Thursday, March 6, Information Week is hosting an educational program on cyber security. The agenda highlights important issues today’s managers need to plan ahead for:
- Profile of a targeted attacker - who are they and why do they do what they do?
- How attackers choose their targets
- How advanced persistent threats (APTs) may infect your organization
- How to detect next-generation attacks
Farmer’s Insurance announced yesterday on its Facebook page “We can help you protect yourself from a data breach with cyber liability insurance.” Is there a catch? Yes. Farmer’s also uses a subcontractor for its own online claims processing system and the system is not free from cyber glitches of its own. As this screen shot taken March 4 shows, currently the dialog box that contains the terms and conditions for e-mail use is truncated by a frame on the right side. (You can enlarge the image by scrolling over the lower right hand corner.) Readers can make out most of the terms and conditions. But would anybody agree to terms and conditions that are obscured by a frame that is smaller than the text field? Are written agreements with truncated text valid? This type of customer service issue has become all too common when there is no end-to-end supervision within a single company.
What you can read of the terms and conditions does serve as a useful reminder that electronic communication is far from perfect. The truncated text is represented by “…”. “(E-mail) in connection with the processing of my claim I acknowledge that the information to be con…nonpublic private information under the Gramm-Leach Bliley Act and other laws. I understand that th…information but e-mail may not be secure and E-mail has been known to be lost, to arrive incomplete…arrive with errors, to be corrupted, or to contain viruses; I understand that my consent to receipt of this information by E-mail will remain in eff…and that I can revoke my consent at any time by contacting my claims representative.”