- Web proxy app becomes Bitcoin mining trojan
- Week in review: Great Bitcoin Robbery highlights shopping-season security risks
- Bitcointalk.org warns passwords in danger after DNS attack
- Fake-police ransomware reaches Australia
- Retailers tracking customers via Wi-Fi suggests that privacy really is dead
A new set of guidelines from the PCI Security Standards Council is intended to help merchants and cloud services providers comply with the PCI DSS when handling payment card data on the web.
The Payment Card Industry (PCI) Security Standards Council today issued guidelines on how businesses storing, processing or transmitting payment-card information should look at doing an annual risk assessment.
The Payment Card Industry Security Standards Council today published guidelines aimed at helping merchants and others processing payment cards make effective use of what's known as "tokenization" technologies to conceal sensitive account information.
Mobile payments technology is a loud sonic boom thundering through the payments industry. But are all -- or any -- of these payment schemes compliant with the Payment Card Industry Data Security Standard (PCI DSS?)
A survey of 500 information technology professionals with responsibility to assure compliance with the Payment Card Industry (PCI) security standard shows just over half find it "burdensome but necessary" in their organizations and about a third see it impacting their virtualized network environments in particular in the future.
IT, security and compliance experts discuss the biggest issues facing companies these days -- and what steps organizations can take to minimize potential regulatory compliance risks and security threats.
The heads of seven business organizations sent PCI Security Standards Council General Manager Bob Russo a cry for help earlier this month, saying the recession is making it "increasingly difficult" for merchants to meet the requirements of the Payment Card Industry's Data Security Standard (PCI DSS).
Sign up now »
Get powerful mobile security capabilities, and protect the data the various mobile devices inside your organization.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.