When Target was hacked just before Christmas for credit- and debit-card data, as well as personal information, 40 million accounts were compromised, along with non-card personal information, including phone numbers, email and street addresses for another 70 million customers. The FBI says that's just the beginning. Not all compromised businesses have been publicly identified and cyber-criminals are increasingly sophisticated. But banks, retailers -- and policy makers — are reportedly dragging their feet, with only 11% of businesses adopting available security measures. How long will it take the US to upgrade credit and debit cards? In the meantime, how vulnerable are consumers? Is cybercrime a cost of doing business that will ultimately be passed on?