Attacks against medical devices and critical health care systems are no longer theoretical. In fact, according to a report from the SANS Institute, poorly protected health care systems are not able to fight off the barrage of attacks.
The latest iteration of PCI compliance regulations adds to the already increasing burdens of the typical IT security professional. For example, exposing cryptographic key management information to anyone beyond those who need to know creates a compliance violation.
Cloud infrastructures can be secure, and they must be, because the need is growing quite fast. In this vein, organizations don’t have to be fearful of public clouds. They just need to better understand them.
To a security guru, GRC feels like a waste of time. It will provide artificial challenges that make a difficult task even harder, with very little gain or advantage in return other than a report containing lists of items with a marked checkbox.
Merchants who are required to be PCI-DSS compliant will have to get their validation under the provisions of PCI-DSS 2.0 by December 31st, 2011. What are some of the key changes in PCI-DSS 2.0? Are you ready?
Mobile applications and the platforms they are built on make PA-DSS compliance difficult due to the rapidly evolving threat landscape. With increased attacks and their tragic effects on businesses and consumers, it's important to make sure your mobile operations are properly secured.
2011 has been a monumental year for hackers. Businesses as well as consumers felt the brunt of cybercrime by the millions, some of them a few times over. Here’s a look at the top hacks so far this year, and what we can learn from them.
A properly deployed SIEM can add tremendous value to an organization’s security program. This week, Chris describes how you can get the most out of an SIEM solution through proper deployment strategies.