John Sileo Receives CPAE Hall of Fame Award

DENVER, /PRNewswire/ — Just a decade before stepping on stage to receive the speaking industry’s most prestigious award, John Sileo thought he might be going to jail for crimes committed in his name by another person.

“An agent from the DA’s office showed up on my doorstep to tell me I was being investigated for the electronic theft of $300,000,” says Sileo, a cybersecurity keynote speaker and president of The Sileo Group, a cybersecurity think tank born from his experiences with the crime. “We lost nearly everything – my family’s 40-year-old business, our investments, my career and a whole lot of time and money.”

Sileo was an early victim of cybercrime, but in his case the theft was instigated by an insider who made illegal electronic bank transfers using Sileo’s identity. “Businesses that don’t pay attention eventually pay the price,” says Sileo from a keynote speech he delivered recently to the banking industry.

As the recent hacking of the DNC and the New York Times shows, cybersecurity is top of mind for every business in America. How they choose to respond directly affects their bottom line.

Spurred by the massive uptick in cybercrime, Sileo wrote his first of several books on the topic in 2005 and by 2006 was being asked to speak around the world on cybersecurity, data privacy and identity theft. Since then, Sileo has spoken at the Pentagon, on 60 Minutes, in USA Today and for satisfied clients ranging from Charles Schwab to Visa, Pfizer to Homeland Security. His latest book, Privacy Means Profit (John Wiley & Sons), explores the educational links between personal protection and securing data in the workplace. Sileo also hosts Sileo On Security (SOS), a series of video tips used for corporate training.

This summer, Sileo was asked to deliver a rare acceptance speech (see video) as he joined the ranks of former U.S. President Ronald Reagan and General Colin L. Powell in the CPAE Speaker Hall of Fame®.  This award honors professional speakers who have reached the top echelon of platform excellence. Joining John on stage were fellow inductees David Glickman, Jason Hewlett, Jane Jenkins Herlong and Linda Larsen.

“I’m so grateful for everyone who believed in me, who encouraged me to turn my hard-earned innocence into lemonade. I couldn’t have done it without the National Speakers Association, without my close friends and especially without my family behind me,” says Sileo, visibly holding back his emotions. “I’m the luckiest guy on earth.”

It’s that kind of positivity in the face of defeat that landed Sileo in the company of fewer than 300 speakers worldwide who have been inducted into the CPAE Speaker Hall of Fame®. Now that’s some pretty rewarding lemonade.

Is CHIP & PIN Credit Card Security Worth $100M? (Are You Serious?)

I’ve had dozens of media requests for interviews and countless more email inquiries from people concerned about the Target data breach.  At first, everyone just wanted to know details of how it happened, how big the breach was, and what they should do about it if their credit cards were at risk.  Now that the initial shock of it is over, we are on to a bigger question:

How do we keep breach from negatively affecting so many Americans? 

Breach will always happen. If it’s digital, it’s hackable. It’s coming to light that the Target breach may have been due to the computer access an HVAC WORKER (no, not an entire company, an individual WORKER) had to Target’s systems. While there is no guaranteed way of preventing fraud, there is a pretty reliable answer out there, and it’s been around for decades.  That answer is for the US to finally catch up to more than 80 countries around the world and start using chip and PIN enabled credit cards, also known as EMV, smart cards, or microchip cards.

By placing microchips in credit cards, it makes it much harder for criminals to clone the cards than the relatively easy-to-crack magnetic stripes.  Chip cards take the cardholder information and turn it into a unique code for each transaction. They also often require additional authentication, such a personal identification number, or PIN. So in the case of the Target breach, the stolen data couldn’t be used to easily create duplicate credit cards, drastically reducing the value of the stolen data. The possibility for online abuse of the numbers (known as Card Not Present transactions) would remain a threat from the breach, but it would be a fraction of the problem (and solvable in other ways).

France has been using this technology since 1982, the UK since 2001, and Canada since 2007. In the first five years after the UK started using chip & PIN, fraud went down 70%.  In that same time period, the cost for fraud in the US had DOUBLED. It’s not that the technology is perfect, it’s that the increased security convinces criminals to target those who don’t use the technology (which to this point has only been, well, the United States). 

If there is such a great guarantee on fraud reduction by switching to chip and PIN cards, why is the US resisting it?  The answer:  MONEY.  Banks, credit card companies, and retailers have been caught in a battle of wills for many years now, with retailers not wanting to spend money on installing new chip-friendly card readers unless banks are committed to spending money on issuing new cards.

The cost of implementing the card system can be staggering. Target is expected to spend around $100 million to install new chip card readers in an effort to protect against cyber theft.

So is it worth $100 million to implement chip and PIN technology?

Without question. And even Target thinks so, or at least it did ten years ago when it was at the forefront of implementing chip & PIN technology.  From 2001-2004 they spent $40 million to adopt chip-based credit-card technology and installed 37,000 new point-of-sale terminals to handle chip cards across its U.S. stores.

Ultimately they backed out because their marketing strategy at the time just didn’t catch on with consumers and because it was taking “A FEW SECONDS” longer per customer to get through the line.  I don’t know about you, but I’d wait an extra two seconds in order to know my data is secure.  And I bet Target victims would take back the time it is taking them to change their credit card information with every online site or monthly automatic payment company their now-compromised card was used for.

To put the cost in perspective, $100 million is about $1.00 per Target breach customer. I bet the average credit card holder would be willing to foot the $1 bill to dramatically reduce their risk (even if it’s not a perfect solution). In fact, the cost of fraud gets passed on to customers anyway (higher credit card rates, higher retail prices), so why not spend that same money (or far less, in fact) on securing the transactions in the first place? 

  • A survey of 936 credit unions indicates the Target breach has cost credit unions an average of about $5.10 per card affected by the security lapse.  The Credit Union National Association said these costs most likely do not include any fraud losses, which are likely to occur later.
  • In 2012, the Ponemon Institute’s annual study showed the average cost of a data breach in the US is $188 per person notified.
  • For credit issuers, the average cost per record breached is set at $280.
  • Aite Group reports that card fraud in the U.S. already costs the card payment industry (primarily issuers) $8.6 billion a year.

 You tell me if it’s worth it! (Seriously, I want your thoughts and comments below)

How do we get there?

It seems crystal clear to me that fraudsters have gotten so sophisticated that we either need to join together (retailers, banks, and credit card companies) or we will fail to stop this trend of Mega-Breaches.  Pardon the pun, but clearly we have put the “target” on our own backs; criminals have increasingly focused on the US because we are so far behind.

James Dimon, CEO of J.P. Morgan Chase sees this as an opportunity for real change.  He said,  “All of us have a common interest in being protected, so this might be a chance for retailers and banks to for once work together, as opposed to sue each other like we’ve been doing the last decade.”

I see 4 overarching steps that need to be taken:

  1. Retailers, credit card processors, banks, VISA, MasterCard and American Express need to stop focusing on their own self-interest (profit) and start to work together for the common good. Of course, they won’t do this without incentive, so…
  2. Congress should create  a U.S. equivalent of the U.K. Card Association that sets policy and has the authority to fine those stakeholders who fail to act.
  3. In other words, we will need legislation to ensure that the “liability shift” dates projected for 2015 are met.  This means that if credit card companies have issued chip and PIN cards, but retailers have not installed machines to read them, the merchants would be held accountable for any losses due to fraud.
  4. Everyone needs to understand that there will be costs associated with the change, just like there are costs when you install a security system, a lock on a door or a vault in a bank.

Will chip and PIN cost retailers? Yes. Will chip and PIN cost banks? Yes. Will it cost consumers? Yes. Will it cost (in total) as much as the fraud resulting from even a single major breach like Target. NO. It’s time to start thinking about security from a long-term perspective, and long-term profitability will follow.

John Sileo is an author and highly engaging speaker on internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on Rachael Ray, 60 Minutes, Anderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Identity Theft Expert John Sileo on The Rachael Ray Show

John Sileo appeared on CBS’s The Rachael Ray Show on January 29, 2014 to talk about the latest identity theft trends and threats.

Rachael asked John to go into one of their audience members homes and pick it apart from a privacy standpoint. John took a look at everything, from items hidden under the mattress to filing cabinets, trash cans, computers, mobile devices and more. Take a look to learn how to bulletproof your home and self against identity theft.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Data Security Expert John Sileo on Fox Business (Target Data Breach)

Data Security Expert John Sileo talks with Fox Business about the recent Target data breach.

 

Data Breach Expert John Sileo on Fox & Friends – Target Data Breach

Data Breach Expert John Sileo goes on Fox & Friends to discuss the 110 million records breached at Target.

Clean Up Your Online Profile with Fox and Friends

Child ID Theft Expert: Your Child is 51X More Likely to Become Victim

Allowing our children the innocence of their childhood is paramount to us as parents.  Because our children are pretty much the center of our universe, we want to do everything in our power to keep them safe and to safeguard their futures. In this information age, identity theft has become global in its reach and can have devastating consequences for our children’s futures if we’re not vigilant from the day they acquire a Social Security number.

Why are our kids, the very people we most want to protect, so vulnerable? Because they have unused, unblemished credit profiles. Richard Power, Distinguished Fellow, Carnegie Mellon CyLab, recently published the first ever child identity theft report based on identity protection scans of over 40,000 U.S. children. It is extremely alarming that 10.2% of the children in the report had someone else using their Social Security numbers. That figure is 51 times higher than the rate for adults of the same population.

We take so many steps to protect our children. But how often do you check their credit report? “Check my kid’s …credit report?,” I can hear you say. “She is only seven! She doesn’t even have her front teeth yet, let alone a credit card! There are so many years to go before we need to worry about that. Right?”

Unfortunately, no. Because children have untouched and unblemished credit records, they are highly attractive targets. Child identity theft is profitable, hard to detect and a nightmare to recover. Thieves steal a child’s identity early on, nurture it until they have a solid credit score, and then abuse and discard it. If it’s not discovered in time, fraudulent use of your child’s identity could mean the loss of educational and job opportunities and starting off adulthood at a serious disadvantage with someone else’s bad credit in her name. All an identity thief needs to ruin your child’s bright financial future is her name and Social Security Number.

“Shouldn’t my child’s age show up on any credit background check, shouldn’t the merchant recognize that the person in front of them buying a car on credit isn’t seven years old?” you ask. Yes, it should, but the people screening the credit report rarely give it the time and care necessary to detect fraud.

All too often, background checks involve simply matching the name and the Social Security number provided. This leaves doors wide open for scandalous minds to wreak havoc on your child’s perfect credit. The most unsettling part is that the age of the applicant (in this case, the person posing as your child) becomes official with the credit bureaus upon the first credit application. This makes clearing a sabotaged credit record even more difficult because you have to prove to the credit bureau that your child is only seven and isn’t responsible for thousands of dollars of debt.

In no time at all, your child could have a maxed out credit card, unpaid bills and a huge mortgage for beachfront property across the country. You might not discover the illegal purchases until your child opens a bank account, applies for a job, tries to get a driver’s license or enters college. At that point, you are left with the time-consuming dilemma of cleaning up someone else’s fraudulent mess. If only clearing up a credit report was as easy as cleaning up after your kids.

Do the gaping holes in our current credit system and the audacity of criminals leave you enraged? They should. It is imperative that you use your anger as fuel to protect and prepare your children’s future before it is too late. In Part II of this series, we will talk about the specific steps to take in order to protect your child from identity theft.

John Sileo lost almost a half-million dollars, his business and his reputation to identity theft. Since then, he’s become America’s leading keynote speaker on identity theft, social media exposure and weapons of manipulation. His clients include the Department of Defense, Pfizer and Homeland Security. To learn more, visit ThinkLikeASpy.com.

 

Anderson Cooper Targets ID Theft in New Year's Resolution

Anderson Cooper’s 1st show of the year brought a panel of experts to discuss New Year’s resolutions, why we make them and how we can better keep them. Identity theft expert John Sileo closed out the show with 3 Tips for Avoiding Scams in the new year. Click on the video to the left to view the segment. Anderson and John discuss smartphone stupidity, passwords and social networking privacy.
Identity Theft Expert John Sileo Appears on the Anderson Cooper New Year’s Resolution Special.

John Sileo is an award-winning author and speaks internationally on the dark art of deception (identity theft, data privacy, social media manipulation) and it’s polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply results and increase performance by building a culture of deep trust. His clients include the Department of Defense, Pfizer, the FDIC, and Homeland Security. Sample his keynote or media appearances on Anderson Cooper, 60 Minutes or Fox Business. Contact him on 800.258.8076.

Top Tips to Stop Travel Identity Theft – Sileo on Fox Business

Identity theft increases a great deal when you are on the road. Start protecting yourself with these Top 5 Identity Theft Tips while traveling:
  1. Travel Data Light. If you don’t have to take it with you, increase your safety and leave it at home. This includes checkbooks, debit cards, excess credit cards, Social Security cards and any excess digital gadgets. Simplicity is Security!
  2. Guard Your Devices. Smartphones and tablets are as powerful as laptops. Turn on the auto-lock passcode to keep others out of your information.
  3. Surf Protected. Stop using the free WiFi hotspots in cafes, airports and hotels, as they are constantly sniffed by cyber criminals. Instead, setup tethering between your mobile phone and tablet or laptop so that you are surfing safely.
  4. Privacy Please! Instead of leaving loads of data unprotected in your hotel room (a major source of theft), hang your privacy sign on the door and let house cleaning know that you do not want to be disturbed. Lowering traffic lowers risk.
  5. Mind the Lions at the Watering Hole. Take a minute to watch the video to the left to understand how increasing your awareness in airports, hotels, conferences and restaurants can save you tons of time and money.
Remember, protecting identity on the road isn’t just about you, it’s also about the data you handle in your business every day. It’s one thing to put your own identity at risk, it’s an entirely different affair to jeopardize the security of customer data, employee records or intellectual capital owned by the organization that pays you.
John Sileo is an author and recognized keynote speaker on how identity theft prevention bolsters your bottom line. Learn more about how he can inspire your organization to care about data security, social media privacy, identity management and trust leadership. Contact him directly on 800.258.8076.