Data privacy issues and compliance
- December 08, 2010
An audit of a prominent Boston-based health care firm found serious lapses in employee security awareness.
- July 28, 2010
Targeted, persistent attacks are supported by a great deal of automation and new functionality that is having little difficulty bypassing traditional security defenses and forensic investigations, two researchers revealed at the Black Hat Briefings.
- June 22, 2010
The PCI Security Standards Council will update the PCI Data Security Standard on a new three-year cycle after the latest update is applied in October.
- January 28, 2010
The official charged with enforcing the MA 201 CMR 17 data protection law says early reporting of potential breaches and cooperation will help firms avoid enforcement action.
- December 21, 2009
Level 2 merchants do not need to obtain a QSA onsite assessment. MasterCard has apparently reversed its decision earlier this year that required Level 2 merchants to hire a PCI-approved auditor ...
- July 07, 2009
The success rate is as high as 90% for individuals born after 1989 in less populous states. Some data was gleaned from social networking sites.
- April 23, 2009
It's not exactly a surprise that LogLogic acquired Exaprotect. The two partnered up in February to add Exprotect’s SEM engine as a module riding atop LogLogic’s log management/analysis platform. ...
- April 15, 2009
Large data breaches are the result of sophisticated, targeted external attacks that exploit basic errors, according to the latest data breach investigation report from Verizon.
- April 14, 2009
Several security and civil rights experts will debate the use of Internet surveillance as a tool to fight terrorism. The debate, "Surveillance Security, Privacy and Risk," will be held April 21 at the RSA Conference in San Francisco. The experts ...
- March 02, 2009
Do you know where your data is? The latest HIPAA changes should motivate healthcare security teams to understand information flows.
- February 13, 2009
Law now taking effect Jan. 1, 2010 would require any business collecting information on Massachusetts residents to encrypt sensitive data, protecting it from data leakage.
- February 05, 2009
The benefits of complete PCI and the necessity of full compliance are now being widely questioned, says Eric Ogren, principal analyst, The Ogren Group.
- February 03, 2009
A Massachusetts law taking effect in May requires encryption and could have organizations implementing the mandates across the board nationwide as the path of least resistance.
- January 22, 2009
The struggling economy has many retailers easing return policies to attract nervous shoppers, but as they increase data collection to combat fraudulent returns, one data privacy expert says the tools and processes must be in place to protect ...
- January 19, 2009
Good information security requires...good information. That's why logs are so important and why so many regulatory and industry directives require companies to not only gather but monitor, read and ...