With the first quarter of 2016 wrapping up, it’s a good time to take a look at the cyber security trends that emerged at the end of 2015 and the beginning of 2016. What are the cyber risks companies will need to be most vigilant against for the rest of the year?
Bill Hardin, vice president for consulting firm Charles River Associates, shares his views from the inside track on emerging threats in cyber security with me in the video below. Among the many services it provides to clients globally, CRA helps companies investigate cyber incidents, determine if a data breach has occurred, assess the scope of the breach and assess its impact on the organization, its customers, employees and third parties.
Card-not-present fraud
The move toward EMV technology and the new PCI standards is intended to reduce payments fraud at point of service, but a side effect is emerging — card-not-present types of fraud are increasing. The greater protections afforded by chip and PIN technology do not extend to online and telephone channels, and cyber criminals know this. According to Hardin, they will be increasingly motivated to find new ways to commit payments fraud in situations where a physical card is not needed for a transaction to occur.
Finally, Hardin says, avoid making any kind of announcement until you’ve verified the threat vector. “Is the bad guy still in the system? The last thing we want to do is say the system is secure, give those communication points to the CEO, and the next thing we know we have more data leaking out the door.”