New CISO Post at Cardtronics Signals Changing ATM Security Profile

Largest retail ATM owner cites responsibility to clients in creation of chief information security officer position.

By David Morrison | January 17, 2013 at 05:21 AM

Ever since the major card brands mandated that information needed to process ATM transactions should only be communicated with the highest levels of encryption, ATMs have been largely isolated from the larger battles over information and data security.

Sure, ATMs always faced a few of their own, unique, threats. Opportunistic thieves could modify ATMs to capture card information and personal identification numbers from unwitting consumers. And individual ATMs have always been somewhat vulnerable to thieves simply uprooting them and carrying them away to force open somewhere else.

But, by and large, ATMs have been secure from the threat that hackers are going to compromise their networks to steal cardholder data.

But that may be changing. As new threats and channel integrations emerge – note Diebold's recent launch of an ATM that syncs with smartphones – the ATM industry also is reacting in new ways.

Today, Houston-based Cardtronics, the world's largest independent deployer of ATMs, announced that it was establishing a new position of chief information security officer. Jerry Garcia, who spent the past 10 years designing and developing the information technology systems the company uses to run its business, will now focus exclusively on Cardtronics' information security program as its new CISO, the firm announced.

“As the world's largest retail ATM owner, as the operator of a global ATM fleet approaching 63,000 machines, Cardtronics has a responsibility to its clients, consumers and our shareholders to be a model of excellence in information technology and security,” said Steve Rathgaber, chief executive officer, Cardtronics.

“The creation of a dedicated information security officer role emphasizes Cardtronics' commitment to industry-leading security systems, and Jerry Garcia, the architect of the IT landscape at Cardtronics, makes for an ideal candidate to exercise enterprise-wide oversight of our information security program.”

Cardtronics' creation of a CISO position signals that the company may be positioning itself for a time when ATM networks may begin to find themselves more vulnerable to information security attacks than they have previously been.

Credit unions and credit union-owned ATM networks should prudently evaluate and prepare for this risk.

David Morrison reports on credit and debit cards, among other responsibilities, at Credit Union Times.

NOT FOR REPRINT

1 Tanya Otsuka Speaks Out in First Interview Since Termination From NCUA Board

2 PSECU’s Chief Information Officer to Retire and Pass the Torch

3 Agile Banking: Build & Maintain Flexible Operating Models for a Rapidly Changing World

4 Judge Sentences Former Alabama Credit Union Employee Insider Who Aided Telegram Scam

5 5 Tactics to Fight Fraud Proactively at Your Credit Union

Consulting
Consulting Top Consultants 2025
June 26, 2025 - New York

Consulting Magazine identifies consultants that have the biggest impact on their clients, firms and the profession.
More Information
Real Estate
GlobeSt. ELITE Women of Influence (WOI) 2025
July 21, 2025 - Denver

GlobeSt. Women of Influence Conference celebrates the women who drive the commercial real estate industry forward.
More Information
Real Estate
GlobeSt. Multifamily Fall 2025
October 15, 2025 - Los Angeles

Join the industry's top owners, investors, developers, brokers & financiers at THE MULTIFAMILY EVENT OF THE YEAR!
More Information