Security eMagazines

november 2023

Share This
Share This

By Taelor Daugherty, Assistant Editor

Financial Sector Prepares for New Payment Security Guidelines

Personal computer, Output device, Hand, Table, Laptop, Tableware, Product, Touchpad, Dishware

bymuratdeniz / iStock / Getty Images Plus via Getty Images

With increasingly digital payment methods, financial institutions are working to protect consumer data. Financial crimes such as synthetic identity fraud have grown easier with the development of artificial intelligence (AI). AI allows for increasingly believable deepfakes, tricking financial institutions into giving cybercriminals access to sensitive data.

According to a report by Bluefin, 94% of security professionals have significant or very significant concerns pertaining to payment data security. The report finds that malware was the top-cited threat to payment data at 59%. Additional threats include phishing, insider threats, skimming and crypto-jacking. Ninety-eight percent of respondents admitted that they’d experienced at least one data breach over the past 24 months.

The Payment Card Industry Data Security Standards (PCI DSS) were recently updated with increased requirements for financial institutions. According to the report, 90% of respondents are concerned about meeting the March 2025 deadline, and 31% have a strong understanding of all of the requirements. Online/web payments were cited as the payment method most affected by PCI DSS guidelines, followed by call centers, in-store payments and invoices.

The new requirements are designed to address current payment security concerns. Some of the PCI DSS 4.0 requirements include:

  • Developing cybersecurity methods for threats
  • Performing targeted risk analysis
  • Hardware, software and security reviews every 12 months
  • Anti-malware updates
  • Data storage security updates
  • Maintaining and securing new payment technologies

According to the report, 86% of respondents say they will mostly or solely rely on third-party vendors to meet the requirements. The report found that respondents prioritized data security vendors who were knowledgeable of regulatory environments and PCI DSS compliance.

Despite compliance concerns, 80% of respondents agree or strongly agree that the updates are fair and necessary. While not required by law, the regulations are designed to guide financial institutions towards increased cybersecurity.

Read the full report here.

advertisement

Interior design, Property, Building, Window, Product, Plant, Fixture, Architecture, Line

advertisement

Campus Security Personnel and Emergency Response

Plant, Sky, Property, Building, Cloud, Tree, Grass, Fountain

napolim / iStock / Getty Images Plus via Getty Images

School safety is a growing concern across the United States. Less than a month into the 2023-2024 school year, UNC Chapel Hill has had two separate armed intruder situations. School security leaders have implemented a number of new technologies and procedures, including weapons detection, stricter access control and an increased police officer presence on campus.

Security leaders are also looking for ways to share their policies with other campuses. In Purdue University’s annual report, the school outlined necessary safety information in a central location for students, faculty and staff. The report highlights incidents that often take place on college campuses, including:

  • Aggravated assault
  • Arson
  • Burglary
  • Domestic violence
  • Hate crimes
  • Motor vehicle theft
  • Rape
  • Simple assault
  • Stalking

According to the report, all Purdue University Northwest Police Department (PNWPD) officers attend the Indiana Law Enforcement Academy. This includes more than 600 hours of training with an additional 24 hours of in-service training every year. This ensures all campus officers receive the same training and are kept up-to-date on new standards or risks.

In comparison, the campus public safety officers at Pacific University are described as “licensed security professionals” who work alongside Forest Grove or Hillsboro Police officers (dependent on county lines). Pacific University campus public safety officers don’t have the same authority as Forest Grove Police Officers, meaning that their response will be different in the event of an emergency.

Campus security officers, for example, are trained to respond to campus-specific issues. They’re familiar with codes of conduct and can respond to non-criminal incidents. This can include handling alcohol or other substances that aren’t illegal but are banned on campus grounds, or other university policy violations. Campus safety officers at Pacific University can make arrests, but then transfer individuals to police custody.

In addition to annual reports, schools are increasing direct communication with their students. Indiana University (IU) is offering emergency procedure training to students, faculty or staff who sign up. These trainings include recognizing the different potential emergency situations, defined by IU as:

  • Active shooter-aggressor
  • Bomb threats
  • Fire & building evacuation
  • Hazardous spills
  • Shelter-in-place
  • Infectious disease
  • Medical emergency
  • Natural disasters
  • Utility failure
  • Travel safety

IU also reminds students to sign up for emergency alerts, and utilizes social media to keep students up-to-date. The school also provided instructions on how to create an emergency kit, and encouraged students to keep them in dorms and cars.

Safety measures are useless if no one knows about them. Security leaders should consider the best way to share information with employees and students to keep campuses safe.

Share This