HIPAA

Fc152e73692bc3c934d248f639d9e963

Whole Disk Encryption Explained

May 18, 2015 Added by:PCI Guru

There are a lot of security professionals and lay people that seem to believe that encryption is encryption and that is simply not the case.

Comments  (0)

Default-avatar

New PCI DSS Changes are Around the Corner

May 12, 2015 Added by:Don Brooks

The latest payment card industry data security standard, a set of requirements designed to help businesses better secure their customers’ payment card information, took effect January 1, 2015, however some of the changes become mandatory at the end of next month.

Comments  (0)

D36d0936f0c839be7bf2b20d59eaa76d

Embracing Cyber Resilience in Today's Cyber-Enabled World

May 06, 2015 Added by:Steve Durbin

Organizations function in a progressively cyber-enabled world today and traditional risk management isn’t nimble enough to deal with the risks from activity in cyberspace. Enterprise risk management needs to be extended to create risk resilience, built on a foundation of preparedness.

Comments  (0)

6a71825dbf6d876764b845e0fd664e0b

5 Ways Schools Can Upgrade Cyber Security

May 06, 2015 Added by:Paul Lipman

Today’s cyber criminals are more aggressive than ever before in their quest to achieve financial gains through hacking. With that being said, it should come as no surprise that our nation's schools are a prime target for such attacks. In this article, iSheriff CEO Paul Lipman highlights the five actions that can be taken to upgrade cyber security practices.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

By All Means, Do as Little as Possible

May 04, 2015 Added by:PCI Guru

I write this because I have had enough of arguing over the lowest common denominator when it comes to securing networks, servers and applications.

Comments  (0)

Default-avatar

Four Steps to An Effective Privacy Program

April 27, 2015 Added by:Angela Matney

Privacy is not just a concern for large, multinational corporations. Today, businesses of all sizes collect and store more personal data than ever before.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Why Requirement 5 Must Change

April 21, 2015 Added by:PCI Guru

The issue is the ineffectiveness of anti-virus solutions and why they are ineffective.

Comments  (0)

0ead717779244d9aab5c1699308850d2

PCI DSS 3.1 Sets Deadline for SSL Migration

April 16, 2015 Added by:Brian Prince

The PCI Security Standards Council (PCI SSC) has released the latest version of the PCI Data Security Standard (PCI DSS) with an eye towards addressing security concerns related to the Secure Sockets Layer (SSL) protocol.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

ASV Guidance for SSL/TLS Vulnerabilities

April 16, 2015 Added by:PCI Guru

Hidden by all of the news about v3.1 of the PCI DSS being published, is a notice that was sent to all PCI approved scanning vendors (ASV) from the PCI SSC regarding how to handle SSL and “early TLS” vulnerabilities.

Comments  (0)

6a71825dbf6d876764b845e0fd664e0b

Cybersecurity Trends for SMBs: Mobile, Security and the Cloud

April 10, 2015 Added by:Paul Lipman

While SMBs are vulnerable to many of the same types of attacks as the companies making headlines (Target, JP Morgan, Home Depot, Anthem, etc.), they must defend themselves with vastly smaller IT teams and budgets. SMBs are finding they have a unique set of challenges and vulnerabilities that require a comprehensive but tailored approach to security.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

PCI Issues Penetration Testing Information Supplement

April 06, 2015 Added by:PCI Guru

Not surprisingly, I have a number of comments based on what I have read. There are some good things that have come out of this effort. But in my opinion, the committee missed the boat in a few areas and those will lead to even more confusion between penetration testers, QSAs and clients.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

PCI Swot Analysis

March 30, 2015 Added by:PCI Guru

I had someone ask me about my thoughts on this sort of analysis of the PCI DSS. While these comments are PCI focused, I found that they actually apply to all security frameworks.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

You Make the Rules

March 23, 2015 Added by:PCI Guru

For years organizations have complained that they receive varying advice from different QSAs even when the QSAs are from the same firm...To address this situation, the Council is telling all PCI stakeholders that it is up to the organizations being assessed to define the rules of the assessment.

Comments  (0)

D36d0936f0c839be7bf2b20d59eaa76d

Dangers Accelerate: Increasing Global Threats Loom Over Information Security Landscape

March 19, 2015 Added by:Steve Durbin

The pace and scale of information security threats continues to accelerate, endangering the integrity and reputation of today’s most trusted organizations. Attackers have become more organized, attacks are more refined, and all threats are more dangerous, and pose more risks, to an organization’s reputation than ever before.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

The 2015 Verizon PCI Report

March 16, 2015 Added by:PCI Guru

The Verizon report is a great read and provides a lot of insights. Everyone should get a copy and read it, take it to heart and address your organization’s security shortcomings.

Comments  (3)

959779642e6e758563e80b5d83150a9f

It’s Friends and Family Breaching Patient Privacy – Not Estonian Hackers

March 12, 2015 Added by:Danny Lieberman

A 2011 HIPAA patient privacy violation in Canada, where an imaging technician accessed the medical records of her ex-husband’s girlfriend is illustrative of unauthorized disclosure of patient information by authorized people.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »