Following reports that hackers triggered more than 60,000 unaddressed alerts in an attack on Neiman Marcus’s credit card payment systems, Lunarline released a statement emphasizing a widespread need for retail organizations to develop stronger internal cyber security capabilities.
According to a Bloomberg BusinessWeek report documenting the Neiman Marcus data breach, cyber attackers remained undetected for more than eight months and exposed as many as 350,000 credit card numbers, despite having triggered several hundred security alerts per day.
This breach follows a similar, widely-publicized incident involving compromised credit card information impacting as many as 110 million Target customers. Lunarline CEO Waylon Krush commented on these incidents, emphasizing that technical security solutions often fall short.
“Everyone is looking for a silver bullet that will address all of their cyber security challenges. But the truth is, there’s no such thing. Even the best cyber security tools are more like MRIs than curealls. You still need trained experts to interpret data, analyze trends and lead incident response,” says Krush.
“Successful attacks against retail sector organizations like Neiman Marcus and Target also highlight the inadequacy of common credit card security best practices, such as the Payment Card Industry Data Security Standard,” added Mr. Krush. [These standards] are frankly no longer sufficient in the age of modern, targeted cybercrime and must be redesigned.”
Lunarline Security Operations program manager Corey Johnson further detailed Lunarline’s efforts to better equip its clients to confront complex security challenges.
“Over many years supporting advanced security operations we’ve learned that intrusion detection systems, on their own, aren’t nearly enough,” Johnson said. “At the same time we understand how expensive it is to stand up security capabilities. So we offer our clients access to Lunarline’s in-house Security Operations Center to supplement their existing tools with Lunarline’s extensive cyber security expertise.”
CEO Waylon Krush also emphasized the role of education in enhancing security posture. “Developing the skills of security professionals and teams is a big part of what Lunarline does,” said Mr. Krush. “Lunarline’s School of Cyber Security offers a wide range of classes to equip security professionals with the expertise they need to stay ahead of constantly evolving cyber threats.”