Will the Target fallout shift focus away from compliance?

While in the check-out line at Target recently, I observed an interesting exchange that shows just how deep the impact from Target’s massive data breach has been. While rummaging for bills in her wallet, the woman in front of me in line asked the cashier whether anyone still used their credit card at Target anymore. The cashier could only shrug, but the fact that two ordinary people were discussing the impact of a data breach was remarkable, and Target’s recent sales numbers show that people aren’t only nervous about using credit cards at Target, they are avoiding the retailer altogether. Only 33 percent of US households shopped at Target in January of 2014, a 22 percent decline from 2013, and Target’s lowest level of shopper penetration in the last three years.

This is bleak news for a company that has already generated an enormous amount of negative publicity that has led to a U.S Senate hearing, a restructuring of Target’s corporate leadership, and even a change in Target’s employee dress code.

YYBC: Don’t lie to your users about compliance

2014 was PhishMe’s 3rd year at RSA. Our growing team allowed me to steal a few hours away from the Exhibit floor and attend some excellent sessions. While many of the sessions I attended related to PhishMe’s offering I also made it a point to take a break and enjoy some fringe topics. A talk entitled: “The Dark Web and Silk Road” with Thomas Brown, Deputy Chief for Cyber, U.S. Attorney’s Office of Southern New York was a fascinating view into how Bitcoin is used in illicit underground marketplaces. The presentation was well-done and a great play by play about how the man behind Silk Road was unmasked and arrested.

Another presentation that really stood out: “Cognitive Injection: Reprogramming the Situation-Oriented Human OS” with Akamai CSO Andy Ellis.