Episode 6

Why Compliance Makes You Vulnerable

Setting your target as compliance with a security standard like PCI-DSS or SWIFT-CSP means you are accepting an older standard as your minimum. In this podcast, Craig Jeffery interviews Mark Cuneo a card security expert from CardConnect, a First Data Company to explore why that target is a problem and what the proper security viewpoint should be. Listen in to this conversation at strategictreasurer.com/podcast or from wherever you normally download podcasts.


Time Discussion Topic
0:54 Why does compliance make you vulnerable?
3:50 Instances of card breaches where the companies were compliant
5:44 Known and unknown threats and your ability to respond
9:10 PCI time from publishing standard to compliance requirement
9:42 What should be done to better protect your company and data
10:20 Importance of guidance
13:17 Hardware to Education of your professional staff
14:41 Tokenization explained from the view of the thief
18:47 Point to point encryption
20:56 Vulnerability examples: HVAC, Defense Department
22:07 Card theft and PII theft

Related Resources

Secure Training & Fraud Awareness for Corporate Treasury Teams

SecureTreasury Training Course

With fraud on the rise, corporate coffers are being targeted by increasingly sophisticated criminals. One of the best ways to protect your organization is to educate your people.

SecureTreasury is a cloud-based program designed to reduce the risk of corporate payment fraud by educating interdepartmental staff on common approaches to fraud, areas of organizational vulnerability, and leading practices for increased controls within a complete treasury security framework.

Compliance: 2018 Survey Results Webinar Replay

This webinar cover some of the more salient data points obtained through the survey, including which areas of regulation treasury struggles with the most and the specific aspects of the environment that practitioners are most concerned about. Areas of analysis will include sanctions screening and KYC requirements, FBAR, the use and traction of eBAM solutions, and the current strategies, practices, and plans that practitioners are leveraging to manage their compliance-related operations now and into the future.