Chief Information Security Officers (CISO) have become more common on companies’ senior leadership teams. They might be in even higher demand after the highly publicized data breaches at Target, Home Depot, Neiman Marcus and other companies in the past couple of years (see a timeline of data breaches in the past decade here). In fact, Neiman Marcus just hired its first CISO, Sarah Hendrickson.
Several Home Depot customers have filed a class action lawsuit in the United States District Court for the Northern District of Georgia, Atlanta Division, alleging that Home Depot failed to meet its legal obligation to protect their credit card and personal information.
As if having to deal with the rising threat of data breaches weren’t already enough for retailers, many continue to struggle to make sense of today’s rough patchwork of federal and state data breach laws.
“Ongoing investigation.” “Forensics and law enforcement continue to investigate.” For now, it is a bit too early to write the “Lessons Learned” piece about the Target/Neiman Marcus/Michaels data breach incident. But there are a few things that were known before these latest payment card/database breaches occurred and should be put into context in light of what we are currently investigating.
The Retail Industry Leaders Association (RILA) has entered into a partnership with the National Cyber-Forensics and Training Alliance (NCFTA) to enhance cybersecurity information sharing and expand retailers’ proactive and vigilant approach to cyber threats to protect consumers against criminals.
Target early Thursday confirmed widespread media reports that it suffered a major data breach that affected as many as 40 million credit and debit card transactions during a period that began the day before Thanksgiving through December 15.