May 20, 2014 Added by: Nima Dezhkam
As a main area of our interest, PCI v3.0 enhances the Penetration Testing requirement by adding guidelines that help both the organizations and the auditors to better show and understand two important areas of concern in every PCI compliance effort.
May 01, 2014 Added by: Tripwire Inc
SARA (the Situational Awareness Reference Architecture) provides applicable steps for creating local and shared situational awareness.
March 31, 2014 Added by: Gilad Parann-Nissany
Any company or individual using cloud services today should encrypt data in addition to their firewall, anti-virus and other security measures. Incidentally, it is also encouraged by regulation in several sensitive sectors, notably businesses in the health industry under HIPAA patient and data privacy laws and the payment card industry under PCI DSS standards.
February 25, 2014 Added by: David Navetta
Payment card breaches are not 100% preventable, and for most merchants over time, are inevitable...As such, rather than focus solely on cumbersome security standards such as PCI-DSS, payment card breaches should be viewed more from an overall risk management perspective.
February 24, 2014 Added by: Joe Weiss
The recently issued NIST Framework on CIP is a good basic top-level document. It directly addresses ICS, which is a great step forward, and I am very happy to see IEC (ISA)-62443 liberally addressed. I believe the shortcoming is the lack of any actual requirements.
February 05, 2014 Added by: Thomas Fox
In honor of The Movie Channel’s annual 28 days of Oscar, the upcoming Academy Awards and inspired by Jay Rosen’s prior career and the FCPA Professor’s hypothetical discussion between a Chief Compliance Officer (CCO) and his Chief Executive Officer (CEO) last week...I thought I might write about 'Compliance Defense- The Movie.'
February 04, 2014 Added by: David Navetta
While the outcome of this lawsuit is uncertain, breach notification practitioners and companies that handle California personal information should keep an eye on this case and any rulings that come out of it.
February 04, 2014 Added by: Joe Weiss
This risk is certainly more probable than once in a million years which is the minimum criteria for the safety analysis to address specific threats.
February 04, 2014 Added by: Anthony M. Freed
U.S. intelligence agencies warned the Department of Health and Human Services that Healthcare.gov may have been compromised by contractors from Belarus who worked on developing code for the network and who are suspected of inserting malicious code.