U.S. retailer TJ Maxx revealed back in January that more than 45 million credit cards were stolen from company servers, and the theft includes transactions going as far back as 2003. With revenue exceeding $16 billion, TJ Maxx corporation owns 2,300 stores in the US, Canada and Europe. The Federal Trade Commission has launched an investigation of this data breach, and a group of banks have filed a class action lawsuit against the retailer to recover damages topping more than $10 million.
|Question and Answer Session - Following the presentation attendees of this session will have an opportunity to hear questions asked of the speakers as well as listen to information security compliance concerns from financial services organizations throughout the country. BankInfoSecurity.com will be available to answer any specific questions from attendees on issues related to data breaches or security over customer data.|
The TJX episode is just the latest in what seems to be the beginning of an epidemic of credit and debit card/identity theft breaches. Financial institutions face loss of reputation and customer confidence when data breaches occur, even if it is outside of their control. When it happens, the ensuing work and cost entailed to reissuing credit and debit cards, assure customers, and protect the institution against compliance and legal risks can be overwhelming.
In this webinar, attendees will hear from industry veterans - Susan Orr, a former federal regulator, and William Henley, Director of IT Risk Management at the OTS. During the course of the presentation the speakers will outline the state of affairs that financial institutions face when it comes to the regulations and compliance guidance that cover data protection. Attendees will also hear best practices in data protection from a regulator and a banker including "lessons learned" from previous data breaches that attendees can use to improve data protection at their institution.
The laws and compliance regulations designed to protect financial institutions and their customers failed to stop the TJX breach. Despite multiple regulatory agency guidance that strongly recommends entities implement the appropriate security controls to protect information, data breaches are still happening. We now have the Payment Card Industry Data Security Standards issued by the major credit card companies wherein merchants must comply with safeguarding this nonpublic personal consumer information. However, financial institutions are the ones that carry a majority of the losses, including loss of customer confidence, reputation loss, and the costs for replacing money in customer accounts.
What are the controls that should be in place to comply with all the requirements? What do regulators expect to see? This webinar will outline what is expected from institutions from federal, state and industry standards to protect consumers. This presentation will describe the steps an organization can take to ensure compliance from their vendors and merchants to protect the customer information.