The company has agreed to pay $200,000 as part of the settlement, and will be required to beef up its COPPA-related reporting activities.
Veterans Affairs has failed an annual cybersecuirty audit for the 16th year in a row, a new report reveals.
Security teams are sharply focused on bringing security to applications and meeting compliance requirements in the delivery of these applications and services.
When a care provider supplied laptops to its roving employees, it added a security solution to enable efficient collaboration. Greg Masters reports.
Whether it's for PCI compliance or HIPAA assessments companies follow the conventional model of point-in-time certification accompanied by a costly and painful annual review and correction process.
The search engine company updates it piracy report to let users know how its adjusting search results to stop illegal piracy efforts.
The FCC launched an investigation last year after a consumer complained of the practice.
Needing more than signature-based remedies, First Financial Bank found a way to close the gap between what exists and what's possible. Greg Masters reports.
The nonprofit organization alleges that the Maricopa County Community College District violated the FTC's "Safeguards Rule."
We explore the landscape today with which security teams must contend and compile a number of best practices and strategies you can apply to protect your company.
The Center for Digital Democracy has asked the FTC to investigate 30 U.S. firms' data collection practices, including Adobe, AOL and Datalogix.
The guidance is meant to help merchants and third parties better understand their roles and responsibilities in the payment security ecosystem.
The consensus from our panel of experts is that PCI DSS should be just one item on a far broader effort to integrate data security into enterprise risk management.
As a precaution, the ID theft protection service has removed the app from the App Store, Google Play, and Amazon Apps.
The Federal Trade Commission banned the retailer from misrepresenting its abidance in an international security framework
The agreement marks the largest HIPAA settlement to date.
Is there such a thing as an exchange of secure information in an insecure world?
A Texas-based company, Concentra, paid the HIPAA settlement stemming from a 2011 breach.
Introduced Tuesday, the Digital Privacy Act includes stiff penalties for organizations that fail to adequately respond to breaches.
Let's agree on a definition of the term "security" and move forward from there, says AT&T's Chris Mark.
The Federal Trade Commission has charged 12 companies with falsely claiming to comply with the U.S.-EU Safe Harbor Framework.
Information security personnel are challenged with protecting company reputation and enterprise and customer data from a constant and expanding barrage of cyber criminals.
GRC is at once the biggest pain point (arguably) of most large organizations and the most important task that does not usually get done right.
Version 3.0 of the PCI Data Security Standard (PCI DSS) and the Payment Application Data Security Standard (PA-DSS) became available today.
One issue with password systems has always been the 'reset' problem: what to do when a user forgets their password.
While already ubiquitous in much of the world, mobile payment options are gaining traction in the United States, reports Stephen Lawton.
So far, one solution, developed by European Payment Services, has been verified under PCI security standards for point-to-point encryption (P2PE) hardware.
In a perfect world, enterprises would know exactly when an auditor is going to show up, the questions they will ask, and data would be presented on a silver platter ready to prove the organization's compliance.
A major area of concern for security personnel these days is how we are able to achieve and maintain compliance with multiple regulatory governing bodies.
Business associates of HIPAA-covered entities are now legally bound to follow the same guidelines when securing patients' protected health information.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context