Matt Donnelly’s Insights on: How the Data Breaches of 2017 Changed the Security Landscape for Acquirers
Since the Target data breach in 2014, media and security experts have had a hyper focus on securing credit card data. While securing credit card data must be a critical component of any organization’s information security program, there must be a broader focus on consumer PII data. Consumer PII data breaches, like that of Equifax, demonstrate many organization’s lackluster – and often failed – approach to protecting sensitive consumer data. Credit card data security has been the primary focus of security professionals due to the financial and organizational implications of the Payment Card Industry with non-compliance. With the enactment of GDPR, the impact of failing to protect consumer PII data is arguably more detrimental to an organization, and we expect (and hope) to see PII security being elevated to a level on par with that of protecting credit card data.