Security Management Strategies for the CIO
Email Alerts
-
WEP to WPA: Wireless encryption in the wake of PCI DSS 1.2
The PCI Security Standards Council recently announced the upcoming release of PCI DSS version 1.2. Plenty of changes are on the way, but one in particular may call for some significant wireless infrastructure upgrades. Mike Chapple explains why the l... Tip
-
PCI is about eliminating data, not securing it, former QSA says
Former QSA turned Forrester analyst John Kindervag calls PCI a "communicable disease." Anything introduced to the network is in PCI scope if credit card systems aren't segmented. Article
-
Security of customer data, IP sustains security budgets
Protecting customer data, corporate intellectual property and other sensitive internal data, remains a priority in many corporate board rooms, a Forrester Research survey finds. Article
-
Version 1.2 of Payment Card Industry (PCI) Data Security Standard answers questions, raises others
Understanding the wording of the PCI Data Security Standard isn't always easy. What exactly qualifies as an "application firewall," for example, or even "strong encryption?" Thankfully, clarifications to terminology and requirements are coming in PCI... Tip
-
PCI version 1.2 clarifications: How to get an early start on compliance audits
Last month, the PCI Security Standards Council released a preview of changes in the upcoming Payment Card Industry Data Security Standard revision. The clarifications in the standard's language are welcome adjustments, but the tweaks may have an effe... Tip
-
Security visualization helps make log files work
Using visualization tools, security pros can build charts and graphs to make sense of complex log files and data and improve their company's security stance. Article
-
The Little Black Book of Computer Security, 2nd Edition
In an online excerpt of The Little Black Book of Computer Security, expert author Joel Dubin reviews how to prepare for today's most important compliance requirements. Tip
-
Data breach discovery, disclosure outpaces 2007
More data breaches have been reported so far this year than in all of 2007, according to a report released by a nonprofit group that works to prevent fraud. Article
-
PCI groups to focus on wireless, pre-authorization changes
The PCI Security Standards Council has started two special interest groups to focus on pre-authorization and wireless security issues. Article
-
PCI DSS 1.2 clarifies wireless, antivirus use
Version 1.2 of PCI DSS, due out in October, requires 802.1x for wireless protection and antivirus for all operating systems, according to a summary of the changes issued Tuesday. Article