PCI DSS


It’s the end of June 2014 and ICS Cyber Security is Still an Enigma to Many

July 02, 2014 Added by: Joe Weiss

The past two weeks continue to demonstrate the lack of understanding about the unique issues of ICS cyber security – why isn’t it just IT.


10 Big Data Analytics Privacy Problems

June 30, 2014 Added by: Rebecca Herold

The power of big data analytics is so great that in addition to all the positive business possibilities, there are just as many new privacy concerns being created. Here are ten of the most significant privacy risks.


Key Management in the Public Cloud

June 27, 2014 Added by: HyTrust

Key management is the most important component in any enterprise-grade encryption system. Yet what is the right key management model if you are looking to the cloud?


Keep it Simple

June 24, 2014 Added by: PCI Guru

Let us refocus our priorities and help the vast majority of the world get secure.


Medical Device Madness - Security Suffering

June 19, 2014 Added by: Mike Meikle

If the healthcare organization deploys an operating system patch or places their standard endpoint protection on the device, they run the risk of the vendor halting support during a device issue until the offending patch or software is removed.


On SIEM Tool and Operation Metrics

June 19, 2014 Added by: Anton Chuvakin

Measuring SIEM health and operations is still an emerging art, and there is no set of accepted SIEM metrics.


What is Continuous Compliance and Assurance?

June 18, 2014 Added by: Jon Long

The phrase "Continuous Compliance" is almost meaningless without an additional reference of "Assurance." I define continuous compliance and assurance as an ongoing process of proactive risk management that delivers predictable, transparent, and cost-effective results to meet information security goals.


Physical Security is Still a Problem

June 17, 2014 Added by: Joe Weiss

I did not think we would be able to film directly in front of large electric substations and other critical infrastructures. I was wrong.


Using “Compliant” Stuff Doesn’t Result in Full Compliance

June 16, 2014 Added by: Rebecca Herold

Organizations that access, in any way, some type of personal information will likely have data protection compliance requirements with which they must comply.


ICSs and the Internet – What is Actually Happening

June 11, 2014 Added by: Joe Weiss

The story is that MANY ICSs are connected to the Internet and it isn’t expensive to find them.


Signatures of PINS? EMV is Coming

June 09, 2014 Added by: Neohapsis

Ultimately, whether cards are authenticated via PIN or signature, the chip-based credit cards being rolled out in the U.S. will rely upon EMV security measures to protect the security of credit card data.


Why the Bridge Still Needs to be Built Between Operations and IT

June 04, 2014 Added by: Joe Weiss

When people complain that operators are too focused on safety and reliability I don’t know whether to laugh or cry.


U.S. Agencies Need to Improve Cyber Incident Response Practices

June 04, 2014 Added by: Stefano Mele

The U.S. Government Accountability Office (GAO) found that twenty-four major federal agencies did not consistently demonstrate that they are effectively responding to cyber incidents (a security breach of a computerized system and information).


What’s New in PCI DSS v3.0 for Penetration Testing?

May 20, 2014 Added by: Nima Dezhkam

As a main area of our interest, PCI v3.0 enhances the Penetration Testing requirement by adding guidelines that help both the organizations and the auditors to better show and understand two important areas of concern in every PCI compliance effort.


ICS-ISAC: Understanding and Implementing Shared Situational Awareness

May 01, 2014 Added by: Tripwire Inc

SARA (the Situational Awareness Reference Architecture) provides applicable steps for creating local and shared situational awareness.


Security And/Or/Vs/Not Compliance?

May 01, 2014 Added by: Anton Chuvakin

Some recent experiences have led me to believe that quite a few organizations have built a deep chasm between security and compliance.
