Protect Your Assets
Showing results for 
Search instead for 
Do you mean 

Consumers need security intelligence, too

markpainter ‎03-11-2014 12:28 PM - edited ‎07-07-2015 09:16 AM

Recently, the  First American Bank of Illinois took the unprecedented step of issuing a warning for its customers not to use their credit cards in Chicago area taxis because of suspected (and ongoing) theft of credit card information due to a data breach. There's a certain irony in a bank suggesting customers use cash instead of cards, and in cash being the 'safer' option to carry. But, it was the right move on the part of the bank for a multitude of reasons. It's a definite shift in thinking, and a harbinger of things to come.

 

After the Target data breach, the retailer offered some simple and standard consumer suggestions to avoid scams, etc. Don't respond to texts or emails from people you don't know. Check your bank statement often.  Don't send money to princes in Nigeria (OK, it wasn't that bad, but you get the idea).  My initial  reaction as a security guy (i.e. snarky)  was that none of those safeguards would have prevented the kind of loss that occurred from swiping your credit card. But, ultimately, I could see that the suggestions didn't hurt, and did serve a purpose (and it's not like Target could realistically suggest that its customers go cash only during the Christmas shopping season, either). What I'm getting at is that there is now more onus on consumers than there has ever been before in preventing loss of data, whether it's in doing a better job of protecting their personal information or of being careful where they swipe.

 

Ultimately, these suggestions speak to a fundamental truth.  It's not just enterprises that need to utilize security intelligence. It's also consumers, corporate citizens, and basically anybody with a vested interest in protecting their information. Exploits and exposure of data simply happens much faster than organizations can respond. Warning consumers of such specific potential fraud is a realistic acknowledgment of that, and one we can expect to see much more of in the future. In an era when attackers are  organized and willing to share information, it makes sense for businesses to do the same.  

 

An interesting question for the future occurs to me, though. What happens when a bank notices suspected fraud occurring at a major retailer, or somebody with the clout to fight back? Do they take the side of the consumer/customers or the business (especially if that business is a client)? 

0 Kudos
About the Author

markpainter

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Events
Aug 29 - Sep 1
Boston, MA
HPE Big Data Conference 2016
Attend HPE’s Big Data Conference to learn from peers in every industry and hear from Big Data experts and thought leaders in an exciting, energy fille...
Read more
Sep 13-16
National Harbor, MD
HPE Protect 2016
Protect 2016 is our annual conference and is the place to meet the world’s top information security talent, discuss new products and share information...
Read more
View all