A new report from McAfee outlines the growing risks in the sales and commerce industry, due in part to the mix of legacy and newer Point of Sale (POS) systems, in addition to secondary market hardware.
Skyhigh Networks, a Cupertino, California-based startup offering cloud visibility and control solutions, on Monday emerged from stealth mode and officially launched its new solution designed to help enterprises know which cloud services their employees use.
NT OBJECTives launched NTOSpider 6.0, the latest version of its web application scanner, which now enables security teams to scan for vulnerabilities in mobile, web services and CSRF protected sites that make use of modern application technologies.
While some say the specifics on what information should be shared and when are just one example of the things missing from the executive order that should be part of legislation, others believe a new law may not be the answer.
Zaxby's Franchising, the restaurant chain best known for high calorie meals like fried chicken and Texas toast, is the latest company to have systems associated with its point of sale systems compromised by malware.
A properly deployed SIEM can add tremendous value to an organization’s security program. This week, Chris describes how you can get the most out of an SIEM solution through proper deployment strategies.
If you are faced with regulatory compliance, you are faced with a legal issue. And, if you are not compliant, you are essentially breaking the law. There are many standards and regulations in place. But which ones are the most impactful?
Too many IT and risk managers are surprised by security breaches, compromised keys or operational failures that occur from sheer neglect that result when you leave your valuable keys as exposed as a password on a post-it. Hefty, potential fines for failing to comply with regulations are risk enough, but the risks of ignoring these vulnerabilities extend even further.
How does a merchant or service provider know if they are required to be PCI DSS certified and what initial steps can they undertake in order to get on their way to PCI DSS 2.0 compliance? This can be a long and complicated process, but here are some tips to help you get started.
Once a Software Vendor discovers that their software has been pirated, the gut reaction is to put an immediate stop to it. If piracy is discovered, it’s best to react, but don’t overreact. Be proactive, yet patient.
Modern data centers are undergoing a transformation driven by trends such as virtualization, green IT, endpoint growth and externalization, resulting in new risks that demand renewed attention to data center security. So what steps can data center architects take to help protect the modern data center in the face of these risks?
Organizations that accept and manage credit cardholder data within a virtual environment must understand new guidance pertaining to virtual environments coming from the Payment Card Industry (PCI) Council
A look at the some of the existing regulations and why these haven’t been a driving force for organizations to improve security for their websites. We don’t necessarily need another new regulation but it’s time to update all the old standards to provide more clarity and enforcement guidelines around protecting Web infrastructure.