Secure the integrity of both end-user and POS systems, and maintain the ability to monitor network activity for both preventative and forensic measures in the event of an attack.
Collect, aggregate, and alert real-time process data from endpoints and POS systems alike, in addition to monitoring related infrastructure residing within the organization’s network.
Document baseline behaviors across POS systems and implement a process to identify changes. Use this data to identify the deployment of malicious card-skimming POS malware, such as TinyPOS.
Ensure that all applications are up-to-date via patch management and vulnerability prioritization. Conduct regular code integrity checks on public-facing e-commerce applications and implement web application firewalls as an added layer of defense.
This week’s breach roundup is led by network outage at Central Indiana Orthopedics brought on by a ransomware attack and a dental vendor data breach affecting multiple dentist offices and 174,000 patients.