This article is the second in a four-part series describing some of the challenges to conducting breach investigations in response to increasingly sophisticated attacks. In Part 1, entitled Right-Sizing the Data Breach Investigation and published with Law360 on March 26, 2013, we provided an overview of the evolving advanced cyber threat landscape and the three common breach response scenarios (internal investigations to fix technical problems, investigation to assess payment card exposure, and investigations to determine compliance with state data breach notification statutes). This Part II takes a closer look at responses involving payment card breaches—both because of their unique nature and their potentially grave implications.
Please click the following link for a full version of Understanding the Role of the PFI in Payment Card Breaches.
Written by Jim Harvey, Partner, Privacy & Data Security | Alston & Bird LLP