19 January 2018
Robert Siciliano

Identity Theft Expert

Robert Siciliano - IDTheftSecurity.com

741Posts 2,063,916Views 62Comments

Merchant Credit Card Transaction Monitoring

12 December 2009  |  4248 views  |  0

Security professionals  intuitively think proactively. Our job  is to predict and prevent what the bad guy will do next. My job specifically is to instill this mindset into you, the consumer,  SMB or large corporate enterprise.

Bob Russo, General Manager and Rockstar of the PCI Security Standards Council reminds us all in this Business Week article that it’s not all about prevention. Sage advice below.

“Many businesses are familiar with the PCI Security Standards Council’s requirements, yet many card fraud incidents go undiscovered for long periods of time. In fact, according to Verizon’s 2009 Data Breach Investigations Report, 75% of compromises were discovered at least weeks after the compromise.

Data security is not all about prevention; it also requires detection and monitoring. In the event of a breach or card fraud, proper monitoring can detect and eliminate additional fraud quickly. Thus, with the holiday season in full swing, it’s a great time to reconsider your company’s log management and monitoring. Consider the following tips:

1. Ensure your organization keeps timely, accurate, and unaltered records of what has taken place within the cardholder data environment (who, what, when, and how) to protect it in the event of a data compromise and resulting investigation.

2. Monitoring also can include physical surveillance. Closed-circuit monitoring of POS terminals can detect suspicious or fraudulent behavior.

3. Even when you are at your busiest, you simply cannot afford to overlook monitoring as a primary detector of card fraud and the trigger to eliminating ongoing criminal activity.”

And my advice. For your own good, protect your identity. Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

Invest in identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk.

TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from Robert

Top 10 Tips for Securing Your Mobile Devices and Sensitive Client Data

11 January 2018  |  2764 views  |  0 comments | recomends Recommends 0 TagsSecurity

Your Social Security Card Gets Stolen: Now What?

04 January 2018  |  3384 views  |  0 comments | recomends Recommends 0 TagsSecurity

What Was Scary About Blackhat 2017?

02 August 2017  |  6402 views  |  0 comments | recomends Recommends 0 TagsSecurity

Black Hat 2017 was an Amazing Event

29 July 2017  |  6909 views  |  0 comments | recomends Recommends 0 TagsSecurity

Blackhat Hackers Love Office Printers

28 July 2017  |  5538 views  |  0 comments | recomends Recommends 0 TagsSecurity

Robert's profile

job title Security Analyst
location Boston
member since 2010
Summary profile See full profile »
Security analyst, published author, television news correspondent. Deliver presentations throughout the United States, Canada and internationally on identity theft protection and personal security....

Robert's expertise

Member since 2009
739 posts62 comments

Who's commenting on Robert's posts

Ketharaman Swaminathan