While Global Payments investigated the breach of its North American processing system, it turned up another intrusion, this one impacting merchants.
Following the theft of a computer at Sutter Health in October that put the personal information of more than 4.2 million patients at risk, 11 class-action lawsuits were filed against the Sacramento, Calif.-based nonprofit.
March 01, 2012
DLP solutions remain fairly immature, but the need to protect and monitor sensitive information is greater than ever.
A thief broke into a doctor's car and stole a briefcase containing a flash drive that held personal data on patients of University of Miami Miller School of Medicine.
December 19, 2011
With the holidays right around the corner, expect many workers to soon be returning from their breaks with shiny new personal devices, like an iPad, in hand -- and wanting to connect them to the corporate network. IT departments must have a response plan in place.
The unencrypted data of 4.2 million Sutter Health patients went missing last month, and now the health care providers faces legal action.
While the nation's economy remains in the tank, the information security market appears to be avoiding a major slowdown.
Organizations must accept that they have been compromised by attackers and apply some personal craft to limit the damage, two security experts said during a panel Wednesday at SC Congress New York.
Throughout the day, SC Magazine will be announcing the finalists from each of its 32 award categories, covering the Reader Trust, Professional and Excellence sections.
HTC plans to release a patch after a "short" testing period, the company said Tuesday.
October 04, 2011
The answer is "no," but that doesn't mean security professionals are hopeless in defending their networks against politically minded intruders. Not to mention, you have more in common with them than you might think.
October 03, 2011
If we didn't care about who sees, damages or alters our data, we wouldn't need to waste millions of dollars on the tools of our trade, says Peter Stephenson, technology editor.
In a conversation with SC Magazine Executive Editor Dan Kaplan, Steve Livingston, principal of Deloitte Enterprise Risk Services, chronicles how people, processes and technology can combine to create a robust risk framework that achieves buy-in from senior management.
The PCI Security Standards Council on Tuesday released "PCI DSS Virtualization Guidelines" to update credit card payment security to the age of cloud computing.
March 21, 2011
With the April 18 tax deadline looming, security isn't top-of-mind for the employees in your finance, audit and operations departments.
March 01, 2011
Dust off your company's risk assessment process and make sure it is up to date because this is where your approach to defending against a WikiLeaks type of threat is going to start.
March 01, 2011
Data leakage prevention (DLP) is garnering a lot of attention as a cure-all for risk management.
Tools that better classify data, provide deep-packet inspection and offer risk management for organizations migrating to the cloud are three solutions areas ready to make their mark in the security industry, predicted a panel of CISOs on Tuesday.
February 13, 2011
When guarding against data breaches, organizations must consider the security postures of their closest partners, such as law firms and cloud providers.
Federal departments and agencies that handle classified data are required by Jan. 28 to complete an assessment of the safety measures they have in place to protect national security information, an effort prompted by the leak of confidential U.S. documents by whistleblower site WikiLeaks.
January 05, 2011
It is important for organizations to consider the basics if they want to avoid the leakage of sensitive information.
December 16, 2010
Trusting no one may soon become the new mantra in IT security, given the leak of sensitive U.S. diplomatic cables.
The federal government is moving quickly to deploy new security measures in light of the leak of hundreds of thousands of classified U.S. documents by whistleblower site WikiLeaks.
October 22, 2010
Organizations must consider the entire lifecycle of data, even when in hardcopy form, when implementing a security strategy.
The personal information of Delaware state retirees was included in a request for proposal that made its way onto the state's website for five days before it was discovered and removed.
Drivers such as compliance and insider threats are helping to keep information security budgets at financial institutions alive and well, according to a new study.
June 03, 2010
Organizations may want to second-guess a more restrictive strategy on website access and settle on a more pragmatic approach.
SC Magazine reporter Angela Moscaritolo interviews Eduard Goodman, chief privacy officer of Identity Theft 911, who says businesses are slow to develop policies for mobile device use, and smartphones can be the cause of many breaches.
Microsoft has disclosed a zero-day vulnerability in SharePoint after a Swiss security firm released details about the threat, which can be leveraged to siphon sensitive data from business users.
