Resources for Federal Financial Institutions Examination Council (FFIEC)

The 'security standards dilemma': Network segmentation and PCI Compliance

searchsecurity.techtarget.com

While the exact details of the Hannaford Bros. data security breach may always be called into question, we do know that criminal hackers accessed as many as 4.2 million credit and debit card numbers by installing malware on the servers of more than 270 of the company's stores. The tactics used by the attackers raise serious questions for retailers and have equally serious implications for information assurance practices.

One of the questions that security professionals must ask is: "Could better network segmentation have prevented or limited the scope of the breach?" Some have also wondered whether the Payment Card Industry Data Security Standard (PCI DSS), with which Hannaford had been deemed compliant, adequately addresses the importance of that type of separation.

View the Resource

Share or bookmarklet this web page at: