There are a number of organizations out there that ask for — and often receive — access to data on both successful and unsuccessful attacks on your technology infrastructure.
Unfortunately, data security and regulatory compliance requirements do not evaporate in the public cloud, says Vormetric's Ashvin Kamaraju.
As interest in the public cloud remains strong, a security expert makes sense of new recommendations for securing payment card data in those environments.
Sportswear retailer Genesco is suing Visa after the credit card company imposed more than $13 million in fines.
When it comes to credit card fraud, the hospitality industry has offered an attractive target for cyber criminals. Now, one trade group is helping these properties overcome security and compliance hurdles with a new framework.
Lawmakers have begun debate on the controversial threat information-sharing bill known as CISPA, which would complement the president's cyber security executive order. But it has a host of privacy objections to clear first.
The Payment Card Industry Security Standards Council (PCI SSC) released recommendations for card data security and compliance in cloud environments.
Depending on an organization's size, managing the attack surface isn't as simple as checking items off a list.
The council charged with administering the PCI standard has documented common vulnerabilities in online payment environment and offered suggestions for installing technology to deter threats.
Bryant Bell, senior product marketing manager of Guidance Software, sits with SC Magazine reporter, Danielle Walker, to discuss some of the benefits of having legal counsel in the security industry.
January is a good time to plan. It's the start of a new year and those things that seemed so far away in December are suddenly right around the corner.
The Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security rules undergo their biggest changes since the legislation was passed in 1996.
Compliance brings with it the stigma of cost, complexity and confusion, but viewing it from a risk point-of-view may help make it more tolerable.
A highly regulated debt collector from the U.K. needed to achieve compliance, but it wanted to scrap all of the point solutions on which it traditionally relied.
We all know what we spend internally, but how do we get reliable, timely information for comparison purposes?
The Center for Copyright Information attributes the push back to Hurricane Sandy-related testing delays.
The PCI Security Standards Council, the body that manages payment security industries guidelines, on Friday released a methodology for meeting a risk management requirement included in the standard.
A South Carolina attorney has amended a lawsuit to include compliance assessor Trustwave as a defendant, opening the door to whether a security provider can be held liable for a breach at a customer's site.
At SC Magazine's Chicago security conference, professionals from various industries aimed to simplify strategies for tackling security guidelines and regulations.
Video game players are used to fending off alien invaders, but the IT staff at Electronic Arts (EA) was challenged to reduce cyber risk within its own environment.
At a recent SC Magazine Rountable, information security and compliance professionals discussed how changes in technology are leading to an evolution in their roles.
In a major victory for organizations that have sustained massive losses due to unauthorized transactions made by hackers, an appellate court has ruled in favor of a Maine construction company against its bank.
Global companies facing a slew of regional laws, as well as small and midsized companies required to meet regulatory demands, need governance, risk and compliance solutions.
In 1854, an English physician was one of the first to use an epidemiological method to ID disease risk. Ben Sapiro of the Dominion of General Insurance Co. wants his peers to do the same with security.
For the first time, breached processor Global Payments disclosed on Tuesday that a number of card brands have removed the company from their approved list of service providers.
Adopting PCI DSS is a sensible thing to do from a security perspective, says New Net Technologies' Mark Kedgley.
A privacy officer at a global company found a way to collaborate efficiently at a top level, while ensuring the protection of company assets, reports Greg Masters.
Canada's Bill C-11 leaves us with a few concerns and unanswered questions when it comes to rules and restrictions on the process of data backup.
The primary driver for security should be to cut risk rather than attempting to churn through an unending string of audit and compliance exercises.