Security Management Strategies for the CIO
Email Alerts
-
PCI costs slow compliance projects in down economy
PCI projects at some firms face scrutiny and funding shortfalls due to the economy. News
-
PCI needs to address virtualization, experts say
The standard for protecting cardholder data doesn't account for virtualized servers, which some say opens the door to audit problems Article
-
Solidcore CEO to focus security on virtualization
Anne Bonaparte took the reins as CEO of Solidcore Systems Inc. in May and has spent a lot of time since talking to customers and helping the company adapt its strategy to the changing realities of security and compliance. With a background that inclu... Interview
-
Cybersecurity expert sees PCI DSS problems ahead for retailers
It could cost millions of dollars for retailers to rip and replace outdated systems and devices still using Wired Equivalent Privacy (WEP) to secure 802.11 wireless networks, according to a security expert tracking cybersecurity in the retail industr... Interview
-
Cloud compliance: How to manage SaaS risk
While Software as a Service (SaaS) can cut costs, there are definite security concerns to be aware of, including compliance issues. What's the best way to make sure that data is safe and audit-ready on the provider's server? Expert Joel Dubin gives a... Tip
-
Best practices for merging with a company that is not PCI compliant
Learn how to make sure you and your partner are compliant with PCI DSS while you prepare for the merger process. Ask the Expert
-
Using a QSA to write up a PCI DSS report on compliance (ROC)
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine your enterprise's level of compliance, whether to utilize a QSA and where to submit the necessary forms... Ask the Expert
-
WEP to WPA: Wireless encryption in the wake of PCI DSS 1.2
The PCI Security Standards Council recently announced the upcoming release of PCI DSS version 1.2. Plenty of changes are on the way, but one in particular may call for some significant wireless infrastructure upgrades. Mike Chapple explains why the l... Tip
-
PCI is about eliminating data, not securing it, former QSA says
Former QSA turned Forrester analyst John Kindervag calls PCI a "communicable disease." Anything introduced to the network is in PCI scope if credit card systems aren't segmented. Article
-
Security of customer data, IP sustains security budgets
Protecting customer data, corporate intellectual property and other sensitive internal data, remains a priority in many corporate board rooms, a Forrester Research survey finds. Article