By Matt Pillar, Editor In Chief, Integrated Solutions For Retailers magazine
I recently spent some time with Rocco Grillo, certified information systems security professional and managing director of the security and privacy solutions practice at Protiviti. Yes, Grillo's personality is just as intimidating as his name. Although he's relatively soft spoken, you get the impression he's taking your response to what he's saying as seriously as he takes what he says, if you know what I mean.
I asked Grillo about who's responsible for mitigating the risk for and/or dealing with security breaches of the payment kind. From one retailer to the next, there seems to be no standard. Responsibility often falls on an ill-formed committee of IT and LP folks; only when they're lucky do they have a concerned C-level on board.