-
Defending PCI: ‘Don’t Blame the Qsa’s’
Posted on September 30th, 2009 No commentsInterview with Bob Russo, GM of PCI Security Standards CouncilSince the announcement of the Heartland data breach in January, the merits of the Payment Card Industry Data Security Standard (PCI DSS) have been questioned, and Bob Russo has led the defense. Russo is general manager of the PCI Security Standards Council, the group responsible for the development, management, education and awareness of the PCI Security Standards. In an exclusive interview conducted at the council’s recent community meeting in Las Vegas, Russo discusses: Why end-to-end encryption is no security panacea; The merits of tokenization, Chip and PIN and other solutions; His response to breached entities that say they were PCI compliant.
See the original post:
Defending PCI: ‘Don’t Blame the Qsa’s’ -
Privacy and the Law
Posted on September 30th, 2009 No commentsLegal Insights on Data Privacy Trends and Breach ResponseYour organization has been breached – how should you immediately respond? How should you not respond
Read the rest here:
Privacy and the Law -
The CAE at 10: Interview with Dickie George of the NSA
Posted on September 1st, 2009 No commentsTen years ago, the National Security Agency (NSA) started up the Centers of Academic Excellence program to encourage stronger information assurance programs at colleges and universities. Initially, there were 7 designated CAE schools. Today, the ranks have swollen to over 100 CAE-designated schools, and information assurance professionals are much better prepared to tackle the cybersecurity challenges we face.
Original post:
The CAE at 10: Interview with Dickie George of the NSA -
What You Must Know About Data Breaches
Posted on September 1st, 2009 No commentsLast year at least 650 organizations reported being the victims of data breaches, and the number continues to rise. According to the latest research from the Ponemon Institute, only 36% of C-level executives are confident their organizations won’t suffer data breaches in the next 12 months.
-
TJX Takes $12 Million Hit in First Quarter for Data Breach
Posted on September 1st, 2009 No commentsThe TJX Companies, whose computer systems containing customer credit and debit card information had been hacked, said the impact of that data breach showed up in the discount retailer’s earnings for the first quarter. The company suffered an after-tax charge of $12 million due to the money the company has been shelling out to investigate and contain the breach, beef up its information security, communicate with customers and pay attorneys.
Excerpt from:
TJX Takes $12 Million Hit in First Quarter for Data Breach -
UMass: Chinese Could Be Behind Computer Breach
Posted on August 28th, 2009 No commentsA computer breach last fall at the University of Massachusetts at Amherst could have been caused by Chinese nationals, police said.
Read this article:
UMass: Chinese Could Be Behind Computer Breach -
Marketing Never Lets Reality Interfere With A Good Pitch
Posted on August 6th, 2009 No commentsAt the end of July, Network Solutions revealed a massive breach, impacting some 574,000 consumers and more than 4,300 retailers.
See more here:
Marketing Never Lets Reality Interfere With A Good Pitch -
Mobile Payments May Make PCI Obsolete
Posted on August 6th, 2009 No commentsAs more people start paying for goods and services using their phone, rather than a credit card, they are venturing into that ethereal netherworld that is “beyond PCI” – in this case, literally, as their daring actions challenge the Payment Card Industry to drop “card” from their name.But there’s more to the challenge than semantics, argues PCI Columnist David Taylor.
The rest is here:
Mobile Payments May Make PCI Obsolete -
Data Breach Bill’s Flawed Assumptions
Posted on July 31st, 2009 No commentsOPINION: Retail Realities: Sen.Patrick Leahy’s Data Breach Bill Likely To Boomerang
See the rest here:
Data Breach Bill’s Flawed Assumptions -
Nevada’s Security of Personal Information Law Post Two: The Breach Notice Requirements
Posted on July 22nd, 2009 No commentsThe following FAQs address the breach notice requirements of Nevada’s Security of Personal Information Law.
Go here to see the original:
Nevada’s Security of Personal Information Law Post Two: The Breach Notice Requirements
Recent Comments