IT Security Audits
- August 12, 2014
Discussing the state of PCI DSS compliance, Gartner's Avivah Litan says the industry still struggles with PCI auditors who both identify PCI problems and sell remediation services to fix them, causing a conflict of interest.
- October 31, 2013
A veteran QSA believes PCI DSS 3.0 will help both QSAs and enterprises, but says further clarifications are needed to avoid PCI assessment disputes.
- July 25, 2012
Don Weber of InGuardians is releasing his smart meter hacking tool, but only to utilities, vendors and vendor-vetted researchers.
- March 06, 2012
Too often, organizations jam all their compliance tasks into the quarter when the audit is due. Read advice for reducing compliance fatigue.
- January 31, 2011
A study by the Ponemon Institute found that the average total cost of compliance is more than $3.5 million.
- June 29, 2009
Company now requires merchants that process one million to six million transactions annually to have an onsite assessment by a PCI QSA. Visa says it won't follow suit.
- April 08, 2009
Payment Card Industry Data Security Standard (PCI DSS) expert Ed Moyle of CTG recently joined SearchSecurity.com for a live Q&A to address your ...
- March 05, 2009
Two firms certified to conduct PCI assessments have been placed into the PCI Council's remediation program for violating the QSA Validation Requirements.
- November 18, 2008
It could cost millions of dollars for retailers to rip and replace outdated systems and devices still using Wired Equivalent Privacy (WEP) to secure 802.11 wireless networks, according to a security expert tracking cybersecurity in the retail ...
- October 21, 2008
Rough economic times are often associated with an increase in layoffs, mergers and acquisitions. The increased activity has the potential to weaken data security, but most security experts agree that large firms have the right procedures to follow ...
- October 20, 2008
An inspector general audit criticizes the IRS for deploying a customer data and account management system with known security vulnerabilities. The IRS tried to have the report suppressed.
- October 13, 2008
Steven Katz, widely recognized as one of the first CISOs in the security industry, has been keeping an eye on the current financial crisis and company information risk management processes. Katz, a former CISO at Citigroup, JP Morgan and Merrill ...
- April 02, 2008
As Executive Editor Dennis Fisher explains, the Hannaford supermarket breach illustrates how too much emphasis on compliance puts critical data at risk.
- November 29, 2007
A Ponemon Institute study indicates the costs associated with data breaches have soared and will continue to skyrocket unless companies do more to prevent them in the first place.
- November 01, 2007
IBM plans to invest $1.5 billion in security research in 2008. The company is also using recent acquisitions to introduce a PCI DSS program.