Security Management Strategies for the CIO
Email Alerts
-
Massachusetts data protection, encryption law extended
Law now taking effect Jan. 1, 2010 would require any business collecting information on Massachusetts residents to encrypt sensitive data, protecting it from data leakage. Article
-
Heartland breach highlights PCI limitations
The benefits of complete PCI and the necessity of full compliance are now being widely questioned, says Eric Ogren, principal analyst, The Ogren Group. Column
-
Retailers boost data collection, but data privacy issues persist
The struggling economy has many retailers easing return policies to attract nervous shoppers, but as they increase data collection to combat fraudulent returns, one data privacy expert says the tools and processes must be in place to protect customer... Interview
-
PCI costs slow compliance projects in down economy
PCI projects at some firms face scrutiny and funding shortfalls due to the economy. News
-
PCI needs to address virtualization, experts say
The standard for protecting cardholder data doesn't account for virtualized servers, which some say opens the door to audit problems Article
-
Solidcore CEO to focus security on virtualization
Anne Bonaparte took the reins as CEO of Solidcore Systems Inc. in May and has spent a lot of time since talking to customers and helping the company adapt its strategy to the changing realities of security and compliance. With a background that inclu... Interview
-
Cybersecurity expert sees PCI DSS problems ahead for retailers
It could cost millions of dollars for retailers to rip and replace outdated systems and devices still using Wired Equivalent Privacy (WEP) to secure 802.11 wireless networks, according to a security expert tracking cybersecurity in the retail industr... Interview
-
Cloud compliance: How to manage SaaS risk
While Software as a Service (SaaS) can cut costs, there are definite security concerns to be aware of, including compliance issues. What's the best way to make sure that data is safe and audit-ready on the provider's server? Expert Joel Dubin gives a... Tip
-
Best practices for merging with a company that is not PCI compliant
Learn how to make sure you and your partner are compliant with PCI DSS while you prepare for the merger process. Ask the Expert
-
Using a QSA to write up a PCI DSS report on compliance (ROC)
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine your enterprise's level of compliance, whether to utilize a QSA and where to submit the necessary forms... Ask the Expert