July 22, 2014 Added by:Joe Weiss
It is important to understand the validity of the observations and conclusions as this report is being widely quoted.
July 21, 2014 Added by:PCI Guru
Apparently, I struck a nerve with small business people trying to comply with PCI. In an ideal world, most merchants would be filling out SAQ A, but we do not live in an ideal world. As a result, I have collected some ideas on how merchants can make their lives easier.
July 16, 2014 Added by:Rafal Los
Compliance attestations. Quality seals like “Hacker Safe!” All of these things bother most security people I know because to us, these provide very little insight into the security of anything in a tangible way. Or do they?
July 08, 2014 Added by:Joe Weiss
This is actually two blogs in one. The first is about DHS releasing critical information they weren’t even asked for. The second is about the lack of progress on addressing a subject that DHS made public.
July 03, 2014 Added by:PCI Guru
All of you service providers out there that have remote access to your customers managed by some enterprise credential management solution, please implement a strong two-factor authentication solution on your customer credential management solution before you too become a newspaper headline.
July 02, 2014 Added by:Joe Weiss
The past two weeks continue to demonstrate the lack of understanding about the unique issues of ICS cyber security – why isn’t it just IT.
June 30, 2014 Added by:Rebecca Herold
The power of big data analytics is so great that in addition to all the positive business possibilities, there are just as many new privacy concerns being created. Here are ten of the most significant privacy risks.
June 19, 2014 Added by:Mike Meikle
If the healthcare organization deploys an operating system patch or places their standard endpoint protection on the device, they run the risk of the vendor halting support during a device issue until the offending patch or software is removed.
June 18, 2014 Added by:Jon Long
The phrase "Continuous Compliance" is almost meaningless without an additional reference of "Assurance." I define continuous compliance and assurance as an ongoing process of proactive risk management that delivers predictable, transparent, and cost-effective results to meet information security goals.
June 16, 2014 Added by:Rebecca Herold
Organizations that access, in any way, some type of personal information will likely have data protection compliance requirements with which they must comply.
Hacker to Release Symantec's PCAnywhere Sour... Kajal Singh on 04-21-2015
Financial Malware Fell in 2014 As Takedown O... Kajal Singh on 04-21-2015
Weaknesses in Air Traffic Control Systems ar... Kajal Singh on 04-21-2015