Free Newsletter
HOT TOPICS >> Tech world's top flops and fiascos of 2011 | Windows 8 slideshow | Cybersecurity | Caron's Q&As
INDUSTRY >> Healthcare IT | Government IT | Financial Services IT | Biotech IT | Compliance IT
Heartland CIO: "I don't think software will ever be secure again."
Heartland Payment Systems isn't necessarily synonymous with "great security," these days. The company's colossal data breach, in which as many as 130 million credit and debit card numbers were compromised, has cost it $139.4 million so far. Approximately 18 months ago, Steven Elefant took over as CIO, and, perhaps unsurprisingly, much of his job is focused on encryption technology.
One of the bigger security challenges at Heartland is developing hardware encryption technology because encryption provided solely through software is no longer adequate, Elefant said in an interview with Ed Sperling at Forbes. The personal data of individuals using credit cards must be protected from the time they swipe their cards until they complete their way through Heartland's processing system.
"I don't think software will ever be secure again. With hardware you can create what we call a tamper-resistant security module. If you try to crack it or drill it or open it you'll wipe out the keys and make it unusable. But unless you do it in hardware you don't have complete security," he said.
Data in motion is the most vulnerable, and hacking by organized crimes is a "huge threat," Elefant said. Hacking tools such as screen scrapers, CPU scrapers and memory scrapers make it imperative to integrate logical and physical security measures.
While security measures take a considerable investment, they can give a company a competitive advantage, he said. Merchants face not only a hit to their reputation, but also fines and fees, if their data is breached. Heartland is trying to set itself apart in the payment processing business with its attention to security now.
The cost of Heartland's huge data breach includes a settlement for almost $60 million with Visa, $42.8 million for other proposed settlements and about $26 million in legal fees, reports Jaikumar Vijayan at ComputerWorld.
For more:
- read Ed Sperling's article at Forbes
- read Jaikumar Vijayan article at ComputerWorld
Related Articles:
U.S. data breach = $204 per lost record
Heartland embraces encrypted payment system
Heartland settles with American Express
A plea in the massive Heartland breach case
SHARE WITH:
Home
| Subscribe | Advertise | RSS |
Privacy
| Site Map
| EditorsTHE FIERCEMARKETS NETWORKFierceEnergy | FierceSmartGrid | FierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceHealthPayer | FiercePracticeManagement | FierceEMR | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceGovernment | FierceHomelandSecurity | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceMedicalDevices | FierceDrugDelivery | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceEnterpriseCommunications | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2011 FierceMarkets. All rights reserved. |
 |
