Retail breaches and the SQL injection threat
Continuous monitoring of database networks is the best approach to avoid breaches such as the high-profile attacks against major U.S. retailers, according to a Ponemon …
Businesses are not ready for PCI DSS 3.0
Many U.S. businesses are unprepared for the Payment Card Industry Data Security Standard 3.0, or PCI DSS 3.0, as issued by the Payment Card Industry Security Standards …
A guide to cloud encryption and tokenization
Cloud adoption shows every sign of continuing to grow. The sharing of resources helps businesses achieve savings and agility based on economies of scale but there’s a …
Compliance is no guarantee of security
The regulatory landscape is constantly evolving. For example tougher new EU data protection laws are scheduled to come into effect over the next year or two. These new …
NIST announces security framework… yawn
Let me start out by saying that I have a bias against regulatory compliance standards; especially those that are non-specific, not prescriptive, require voluntary cooperation …
Penetration testing: Accurate or abused?
According to a recent Ponemon study, since 2010 cybercrime costs have climbed 78% and the time required to recover from a breach has increased 130%. On average, U.S. …
One in five SMB retailers lacks security fundamentals
Fortinet published new research that shows where SMB retailers stand in regards to compliance regulations, security policies and new technologies that help manage big data and …
Four reasons why audits matter
We live in a world where assurance is a precious commodity. People with bad intentions are getting smarter every day as evidenced by the recent compromise of nearly 40 million …
Merchants showing payment security awareness
ControlScan and Merchant Warehouse have jointly released the results of their survey of Level 4 merchants’ awareness, sentiment and progress toward securing cardholder …
PCI DSS 3.0 is now available
Today the PCI Security Standards Council (PCI SSC) published version 3.0 of the PCI Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS). …
Retail sector slow in adopting new PCI standards
Tripwire announced the results of research on risk-based security management in the retail industry, and the news isn’t good: the majority of the retail sector is yet to …
ManageEngine enhances Firewall Analyzer and EventLog Analyzer
ManageEngine announced enhancements to its firewall security and configuration management software, Firewall Analyzer, and to EventLog Analyzer, its log management and IT …