Category: Retail
Posted by Heather Howland in Compliance, Retail, Security Intelligence, SIEM
We recently held a webcast with SANS, featuring a major Q1 Labs customer that is a well-known luxury brand in the retail space. They have been relying on the QRadar Security Intelligence Platform to help them tackle compliance regulations, gain visibility into network devices and system logs, display packet-level detail, and provide powerful reporting capabilities.
Let’s rewind a bit and discover why they need a SIEM.
PCI compliance is a driving factor since they are a publicly traded company and host payment information. Beyond that, the reason they need a SIEM is the diversity and size of their network. Their infrastructure comprises multiple flavors of UNIX (including HP-UX and IBM AIX), Red Hat Linux, and Windows servers, with network devices from Cisco, Check Point (firewalls), SolarWinds, and Airwave.
With over 500 stores, a corporate network, and a retail network, they faced the challenge of continuously monitoring for threats and suspicious activities. It was clear to them that simply reviewing logs on a periodic basis was not enough. They needed a SIEM solution to help uncover anomalies on their network in real time.
In the next part of the series, we will see why selecting a SIEM vendor is not an easy process. Of course, you don’t have to wait for each part of this series to be released – watch the full webcast now.
Posted by Heather Howland in Retail, Risk Management, Security Intelligence
In last week’s webcast, I was joined by Brian Mehlman, Q1 Labs’ Sr. Product Manager, and we covered some industry trends that show retail organizations are adopting a more predictive security model instead of a purely reactive one. Many of these trends were uncovered by a recently commissioned IT Security survey. One of them is the popularity of automated compliance and security monitoring as an integral part of every risk management solution.
We reviewed some of the most popular IT Security tools used by your peers and also talked about the most desired features of a risk management solution. Brian discussed where risk management sits in the overall compliance and security timeline and why it’s important to include risk management as part of satisfying PCI requirements. Towards the end of the webcast, Brian ran a live demonstration of QRadar Risk Manager to show a few PCI / Retail specific use cases.
If you missed the live webcast, take a look at the Slideshare deck, watch the highlight clip above and download the full on-demand webcast.
Posted by Heather Howland in Compliance, Retail, Security Intelligence
In an article on infosecurity.com this week, there’s news that as of Oct 1, 2012 Visa is waiving the requirement for US merchants to annually validate their compliance with the PCI Data Security Standard (PCI DSS) – *if* 75% of the merchant’s Visa transactions come from chip-enabled terminals that support both contact and contactless chips.
Part of Visa’s plan to accelerate migration to the new chip technology is to eliminate the need to annually validate PCI compliance, which I think is a bit short-sighted. Here’s some of the “small print” from Visa:
Qualifying merchants must continue to protect sensitive data in their care by ensuring their systems do not store track data, security codes or PINs, and that they continue to adhere to the PCI DSS standards as applicable.
OK, that’s great, but who is enforcing this? In most cases, validation drives compliance, which drives security (or at least budgets). So what will happen when validation goes out the window? While achieving PCI compliance isn’t necessarily the “end-all” solution to security problems, it certainly pushes merchants in the right direction and adds structure to an already hectic environment (considering the frequency of card breaches popping up in the news). According to the 2011 Verizon Breach Report, 89% of organizations that suffered breaches were not validated PCI compliant.

With PCI compliance validation all but off the table, we have to trust that other security measures won’t fall short. How do merchants “ensure” (as Visa states) that they are not storing track data, security codes, PINs and so on? As Gartner’s John Pescatore recently pointed out, “There is a big difference between compliance and security.”
Even though Visa may not be requiring audits for qualifying merchants, it is important to consider the larger security picture beyond just collecting logs. Retailers and other third-party vendors have a responsibility to keep consumer data secure, and to do so, they need a fully featured security intelligence solution to correlate log data, network flows, asset configurations, device & network vulnerabilities, and (internal / external) threat data into one consolidated view, with a goal of exceeding PCI control objectives. Not just to meet Visa’s requirements, but to uphold their duty to protect consumer information. After all, it’s good for business.