Data privacy issues and compliance

  • August 02, 2007 02 Aug'07

    Black Hat 2007: New database forensics tool could aid data breach cases

    Database security researcher, David Litchfield of UK-based NGS Software will release a free Forensic Examiners Database Scalpel, he says could aid data breach investigations.

  • July 24, 2007 24 Jul'07

    PCI compliance costs often underestimated, study finds

    Companies are moving forward with PCI DSS projects, but many are underestimating the costs associated with compliance.

  • June 28, 2007 28 Jun'07

    Podcast: PCI DSS auditing and ethics News Editor Rob Westervelt sat down with Burton Group analyst Diana Kelley at this week's Burton Group Catalyst Conference to talk about PCI DSS. Particularly noteworthy here is ...

  • May 22, 2007 22 May'07

    Database authentication, encryption getting priority in some businesses

    While more organizations are seeking database authentication and encryption technologies, others are turning to database monitoring to secure data.

  • May 17, 2007 17 May'07

    PCI DSS: The standards should not be lowered

    Bob Russo, general manager of the PCI Security Standards Council explains that education is crucial to getting more merchants to comply with the standard.

  • May 09, 2007 09 May'07

    Experts: Easing standards like PCI DSS a bad idea

    Financial services practitioners say security standards like PCI DSS can be hard to heed, but that easing them would be a bad idea given the data fraud epidemic.

  • May 08, 2007 08 May'07

    Should PCI DSS rules be relaxed? Readers respond

    Last month, First Data CISO Phil Mellinger suggested that the PCI DSS rules should be relaxed and then gradually increased to give companies a chance to comply. He suggested some changes at a PCI ...

  • April 26, 2007 26 Apr'07

    Should PCI DSS rules be eased?

    First Data CISO, Phil Mellinger told a group attending a recent PCI DSS conference that the PCI DSS standards should be eased to allow more businesses to meet the standards. The rules would rise ...

  • April 26, 2007 26 Apr'07

    President's ID theft task force gets mixed review

    The White House ID theft task force's recommendations are being called a step in the right direction. But one group says they fail to address insecurity at government agencies.

  • April 24, 2007 24 Apr'07

    Security configuration management vendors branch out

    The security configuration management market appears to be in flux in the last year or so. Vendors in this market provide tools to enforce compliance policies against check security configurations. ...

  • April 23, 2007 23 Apr'07

    PCI paralysis

    A recent survey of 80 North American businesses about the Payment Card Industry Data Security Standard by RSA had an interesting finding. While nearly all -- 90 percent -- think the standard's ...

  • April 13, 2007 13 Apr'07

    PCI DSS is all about covering your tail

    Among the merchants, security auditors, credit card issuers and card transaction servicing firms in attendance at the PCI Data Security Standards Conference in New York City on Wednesday was a ...

  • April 05, 2007 05 Apr'07

    Firm takes steps to address email management security risks

    Frank Chambers, director of security management at Constellation Energy explains how his firm manages email risk.

  • March 15, 2007 15 Mar'07

    Google boosts privacy, but storage glut continues

    Google is right in making its server log data anonymous after 18-24 months. But the mammoth amount of data being collected is still a major concern.

  • January 10, 2007 10 Jan'07

    Federal government pushes full disk encryption

    Businesses need to follow the federal government's lead in reducing data breaches by holding employees responsible and examining full disk encryption (FDE) products.