Tech executive: Details of the Hannaford Brothers Cos. data breach are still coming to light, but early indications are that the company had passed its certification for PCI DSS compliance. Theoretically, this means the company had security measures in place intended to prevent the data theft and ensuing fraud. It's now painfully obvious that whatever measures were in place still left areas of vulnerabilities that were exploited by some pretty determined hackers. This scenario is yet another reminder that security threats are growing in their sophistication and in the amount of damage that can be done. Enterprise organizations throw tons of money and lots of resources at the problem each year. It's just possible that the way the problem is approached is partially responsible for the vulnerabilities that still exist - or at least the fact that vulnerabilities (or actual breaches) go undetected.
展开▼