CNP Expo: Prevent and Prepare – Addressing Network Security in a New Reality
May 19, 2015
Hackers have more motivation than ever to steal data and companies face more difficulty to secure that data, according to experts on a late-afternoon panel at the CNP Expo in Orlando, Fla. Breaches are common and someone is to blame, yell headlines. But who?
“Data breaches don’t just happen,” said Giles Witherspoon-Boyd, vice president of business development for CardNotPresent.com, who moderated the session. The panelists had differing views about who was to blame.
“Data breaches happen because the PCI standards are largely misunderstood,” said Jeff Man, security strategist and evangelist for Tenable network security. “If you think security is a burden you’ve already lost. Security is a necessity.”
Man added that criminals often are more motivated than the security staffs of many companies. While Man blamed a reluctance to meet security standards, attorney Doug Meal said that meeting the new standards won’t stop many hackers.
“It is not because those companies are not PCI DDS compliant,” said attorney Doug Meal of Ropes and Gray, LLP. “The breaches don’t happen because companies make stupid mistakes. This data is incredibly valuable and easy to monetize and attracts brilliant hackers and there is no level of security that is going to keep them from getting the data.”
Gregg Johnson, vice president of security strategy and business development for Lancera, added that many companies have not upgraded their security programs.
“Some of the same fundamentally stupid problems exist in the industry,” said Johnson.