- AT&T hacker Weev released from prison after appeals court overturns conviction
- Symantec draws new security picture
- Confirmed: hackers can use Heartbleed to steal private SSL keys
- Heartbleed panic drives flood of enquiries to Symantec's Melbourne CA
- Rising security threat should motivate better employee support: Symantec
How did what is likely to be one of the largest data breaches in history occur? Some speculate it was only possible with insider knowledge
A new set of guidelines from the PCI Security Standards Council is intended to help merchants and cloud services providers comply with the PCI DSS when handling payment card data on the web.
The Payment Card Industry (PCI) Security Standards Council today issued guidelines on how businesses storing, processing or transmitting payment-card information should look at doing an annual risk assessment.
The Payment Card Industry Security Standards Council today published guidelines aimed at helping merchants and others processing payment cards make effective use of what's known as "tokenization" technologies to conceal sensitive account information.
Mobile payments technology is a loud sonic boom thundering through the payments industry. But are all -- or any -- of these payment schemes compliant with the Payment Card Industry Data Security Standard (PCI DSS?)
IT, security and compliance experts discuss the biggest issues facing companies these days -- and what steps organizations can take to minimize potential regulatory compliance risks and security threats.
The heads of seven business organizations sent PCI Security Standards Council General Manager Bob Russo a cry for help earlier this month, saying the recession is making it "increasingly difficult" for merchants to meet the requirements of the Payment Card Industry's Data Security Standard (PCI DSS).
Sign up now »
Proactive web security that blocks threats in the cloud before they reach users’ machines, or enter customers’ networks.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.