After Heartland Payment Systems suffered its massive breach in January, CEO Robert O. Carr issued a call to action, suggesting payments players implement end-to-end encryption and share breach forensics among themselves. Some dismissed this rant as a public relations strategy to distract from Heartland's culpability in the case, but Carr made good on his word in early May with the formation of the Payments Processing Information Sharing Council (PPISC).
Carr kicked off the inaugural meeting of the PPISC as a new subsidiary of the Financial Services Information Sharing and Analysis Center (FS-ISAC), firm in his belief that the entire industry would benefit from the anonymous sharing of information about breaches and tools to detect new variants of malicious software. Some 30 people from 19 companies attended the meeting, which Carr called a success. "I was concerned there would be jockeying by some of the companies to get a competitive edge," Carr says. "But there seemed to be genuine interest in doing what's best for each other and the industry."