PCI AND COMPLIANCE Articles
7 cyber crime facts executives need to know
What is your organization's attitude about your security program? Jon Murphy details how a recent report reveals too many still have their head in the sand when it comes to risk management
Study: Network IPS security improving
An independent testing lab found significant improvement in intrusion prevention system performance and security. But the buyer must beware.
Core expands into network vulnerability testing
The latest version of Core Impact can now scan network devices for security vulnerabilities
Upgraded retail security standard ignores mobile payments
Version 2.0 of the Payment Card Industry Data Security Standard is being released Thursday by the PCI Security Standards Council, which acknowledges that mobile payment technologies haven't been addressed yet.
SecTor 2010: Why security is the enemy of privacy
Some might expect security to be the answer for privacy protection, but it's often part of the problem. Tracy Ann Kosa, a privacy impact assessment specialist with the government of Ontario, explains why at SecTor 2010.
Why government security pros must attend OWASP AppSec DC 2010
CSO's Bill Brenner on how the OWASP AppSec DC 2010 conference Nov. 8-11 will go a long way in making app security better.
SAS 70 replacement: SSAE 16
The often-misused SAS 70 auditing standard is set to be replaced next year by SSAE 16
Akamai releases 'game changing' cloud-based payment service
In what the company CSO calls a cloud-computing game changer, Akamai Technologies has released its Edge Tokenization electronic payment security service.
Legally defensible security: Covering your bases on HIPAA, CMR 17
HIPAA and HITECH compliance is not necessarily the same as Mass 201 CMR 17 compliance, but there are common procedures to achieve "legally defensible" security.
Can privacy be saved? Maybe
At the CSO Security Standard Tuesday, General Electric's senior counselor explained what GE is doing to protect customer, employee and supplier privacy.
