I posted my thoughts on the BrutPOS malware from an executive/business perspective on the FireEye Blog today: http://www.fireeye.com/blog/corporate/2014/07/brutpos-from-a-security-practioners-perspective.html. In the post, I discuss the fact that attackers only need to try as hard as they need to in order to succeed. Because of this, attackers can, in essence, be lazy and still be productive. To counter that, some straightforward, foundational information security measures can be leveraged. Have a look if of interest.