In the past few years of fighting against cyberattacks, security teams have developed "kill chain" models that document what steps the bad guys take to infiltrate a network and how to thwart them. The problem is, a significant number of data breaches occur from insider threats, which these models often overlook.
Called Mezu, the P2P platform has been live for about a week and uses a location-based code to execute payments, avoiding the need to even share usernames or other identifying information to move money.
A direct correlation between the chip migration and rampant merchant data breaches is hard to prove. But experts say retailers' prioritization of EMV compliance contributed to other payment card security gaps, leading to the current high level of merchant data breaches.
It's a race to the finish line that also affects U.S. companies with European customers. In these final moments, every company must at least show good faith in attempting to follow the law and having procedures and technology in place to do so.
Data breaches have become routine, but the public reaction to these events is changing. Consumers are increasingly wary of sharing their information — just ask Mark Zuckerberg — and this trend raises the stakes for all financial institutions and merchants.
Companies that handle sensitive customer data have even more to worry about when making an acquisition. Not only do they have to be sure the acquired company has good security, but they can't let their guard down even after the acquisition closes.
Before reports of the data breach at Saks Fifth Avenue, Saks OFF 5th, and Lord & Taylor fade from the news cycle, there's one detail that should alarm merchants, card issuers and consumers — and sets a tone for future data breaches.