Retrieved from https://studentshare.org/information-technology/1686973-payment-card-industry-pcitarget-breach
Payment Card Industry Data Security Standard

a) The PCI Data Security Standard seeks to keep cardholder data secure. It aims to ensure that data security measures are applied consistently across the globe. It provides the starting point for both the operational and the technical requirements that will ensure that the data on the card is secure (Virtue, 2009). The bank has chip technology in place that provides the card information when the card is used at terminals that support it. It can also track the usage patterns of a card, so that the card can be blocked when something outside the normal pattern occurs, to avoid fraud.

b) The banks or credit card associations may not understand the contents of the requirements for compliance. In that regard, they need a qualified security assessor who can guide them through the process. They may sideline this necessary step, putting the entire process at risk. Moreover, they may test the card environment just to satisfy the Union, or stop testing altogether if they have not received either external or internal attacks for some time. That will greatly compromise the security standards.

c) The recommendations include following the precise and focused steps set out for achieving compliance with PCI DSS. The bank should integrate the practices and processes into its usual routine for securing its credit cards. Further, there is a need to document the techniques that apply to processing payments through the business cards, and the precautions for their usage.

d) Governments should intervene so that banks and credit unions comply with the standard. By so doing, they protect citizens and make it easier to trace fraud. The results include bringing the perpetrators to book easily. On the other hand, the government may choose not to intervene, because the move would give powerful people in government access to vital information about their enemies. If ethics are not applied correctly, they may use such information to their advantage and compromise the very reason for its existence.

What should have been done to prevent the incident?

Prevention mechanisms to avoid attacks include having a variety of strategies to detect such intrusions. Relying on only one leaves a lot of loopholes. Anti-malware and antivirus software with such capabilities should be put in place to counter memory-scraping techniques (Norwood & Catwell, 2009). Anti-phishing mechanisms are integral to the security system, especially where vendors are partisan. Plans should accommodate segmentation of the organization's network, thus controlling the level of access to sensitive information. Segmentation also helps to restrict the number of devices in communication. The overall goal is to prevent loss of data in the future.

References

Norwood, K., & Catwell, S. (2009). Cybersecurity, cyber analysis, and warning. New York: Nova Science Publishers.

Virtue, T. (2009). Payment card industry data security standard handbook. Hoboken, N.J.: John Wiley & Sons.