Security Management Strategies for the CIO
Email Alerts
-
PCI Council issues priority tool for compliance
A new PCI compliance tool walks companies through the compliance process by meeting six milestones set by weighing risk and threat factors. Article | 04 Mar 2009
-
Massachusetts data protection, encryption law extended
Law now taking effect Jan. 1, 2010 would require any business collecting information on Massachusetts residents to encrypt sensitive data, protecting it from data leakage. Article | 13 Feb 2009
-
Heartland breach highlights PCI limitations
The benefits of complete PCI and the necessity of full compliance are now being widely questioned, says Eric Ogren, principal analyst, The Ogren Group. Column | 05 Feb 2009
-
Retailers boost data collection, but data privacy issues persist
The struggling economy has many retailers easing return policies to attract nervous shoppers, but as they increase data collection to combat fraudulent returns, one data privacy expert says the tools and processes must be in place to protect customer... Interview | 22 Jan 2009
-
PCI costs slow compliance projects in down economy
PCI projects at some firms face scrutiny and funding shortfalls due to the economy. News | 13 Jan 2009
-
PCI needs to address virtualization, experts say
The standard for protecting cardholder data doesn't account for virtualized servers, which some say opens the door to audit problems Article | 08 Dec 2008
-
Solidcore CEO to focus security on virtualization
Anne Bonaparte took the reins as CEO of Solidcore Systems Inc. in May and has spent a lot of time since talking to customers and helping the company adapt its strategy to the changing realities of security and compliance. With a background that inclu... Interview | 04 Dec 2008
-
Cybersecurity expert sees PCI DSS problems ahead for retailers
It could cost millions of dollars for retailers to rip and replace outdated systems and devices still using Wired Equivalent Privacy (WEP) to secure 802.11 wireless networks, according to a security expert tracking cybersecurity in the retail industr... Interview | 18 Nov 2008
-
PCI is about eliminating data, not securing it, former QSA says
Former QSA turned Forrester analyst John Kindervag calls PCI a "communicable disease." Anything introduced to the network is in PCI scope if credit card systems aren't segmented. Article | 15 Sep 2008
-
Security of customer data, IP sustains security budgets
Protecting customer data, corporate intellectual property and other sensitive internal data, remains a priority in many corporate board rooms, a Forrester Research survey finds. Article | 05 Sep 2008