April 01, 2013
Unfortunately, data security and regulatory compliance requirements do not evaporate in the public cloud, says Vormetric's Ashvin Kamaraju.
March 15, 2013
As interest in the public cloud remains strong, a security expert makes sense of new recommendations for securing payment card data in those environments.
Sportswear retailer Genesco is suing Visa after the credit card company imposed more than $13 million in fines.
March 05, 2013
When it comes to credit card fraud, the hospitality industry has offered an attractive target for cyber criminals. Now, one trade group is helping these properties overcome security and compliance hurdles with a new framework.
February 14, 2013
Lawmakers have begun debate on the controversial threat information-sharing bill known as CISPA, which would complement the president's cyber security executive order. But it has a host of privacy objections to clear first.
The Payment Card Industry Security Standards Council (PCI SSC) released recommendations for card data security and compliance in cloud environments.
Depending on an organization's size, managing the attack surface isn't as simple as checking items off a list.
The council charged with administering the PCI standard has documented common vulnerabilities in online payment environments and offered suggestions for installing technology to deter threats.
Bryant Bell, senior product marketing manager of Guidance Software, sits with SC Magazine reporter, Danielle Walker, to discuss some of the benefits of having legal counsel in the security industry.
January is a good time to plan. It's the start of a new year and those things that seemed so far away in December are suddenly right around the corner.
The Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security rules undergo their biggest changes since the legislation was passed in 1996.
January 02, 2013
Compliance brings with it the stigma of cost, complexity and confusion, but viewing it from a risk point-of-view may help make it more tolerable.
January 02, 2013
A highly regulated debt collector from the U.K. needed to achieve compliance, but it wanted to scrap all of the point solutions on which it traditionally relied.
The Golden State recently revived a decade-old law to begin going after alleged offenders whose mobile apps don't contain a "conspicuous" privacy policy.
December 03, 2012
We all know what we spend internally, but how do we get reliable, timely information for comparison purposes?
The Center for Copyright Information attributes the push back to Hurricane Sandy-related testing delays.
The PCI Security Standards Council, the body that manages payment security industry guidelines, on Friday released a methodology for meeting a risk management requirement included in the standard.
A South Carolina attorney has amended a lawsuit to include compliance assessor Trustwave as a defendant, opening the door to whether a security provider can be held liable for a breach at a customer's site.
At SC Magazine's Chicago security conference, professionals from various industries aimed to simplify strategies for tackling security guidelines and regulations.
October 25, 2012
Video game players are used to fending off alien invaders, but the IT staff at Electronic Arts (EA) was challenged to reduce cyber risk within its own environment.
October 07, 2012
At a recent SC Magazine Roundtable, information security and compliance professionals discussed how changes in technology are leading to an evolution in their roles.
In a major victory for organizations that have sustained massive losses due to unauthorized transactions made by hackers, an appellate court has ruled in favor of a Maine construction company against its bank.
July 05, 2012
Global companies facing a slew of regional laws, as well as small and midsized companies required to meet regulatory demands, need governance, risk and compliance solutions.
July 02, 2012
In 1854, an English physician was one of the first to use an epidemiological method to ID disease risk. Ben Sapiro of the Dominion of General Insurance Co. wants his peers to do the same with security.
For the first time, breached processor Global Payments disclosed on Tuesday that a number of card brands have removed the company from their approved list of service providers.
May 01, 2012
Adopting PCI DSS is a sensible thing to do from a security perspective, says New Net Technologies' Mark Kedgley.
April 05, 2012
A privacy officer at a global company found a way to collaborate efficiently at a top level, while ensuring the protection of company assets, reports Greg Masters.
April 02, 2012
Canada's Bill C-11 leaves us with a few concerns and unanswered questions when it comes to rules and restrictions on the process of data backup.
April 02, 2012
The primary driver for security should be to cut risk rather than attempting to churn through an unending string of audit and compliance exercises.
Fortinet's Greg Fitzgerald discusses major vulnerabilities, data management, and privacy and compliance issues in the industry at this year's RSA Conference 2012 in San Francisco.