As the Payment Card Industry Security Standards Council prepares to update the PCI Data Security Standard, malware attacks aimed at payments networks are garnering attention, says the council's Jeremy King.
Providers of technologies employees acquire through unconventional channels that could bypass their employers' supply-chain controls are known as "shadow suppliers." Here's why you should care about them.
Payment data and personal information are both attractive targets for criminals, says breach investigator Erin Nealy Cox of forensics firm Stroz Friedberg. Learn why she says card data isn't the only lucrative target.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
A 143-point drop in the Dow Jones Industrial Average proves the power of social media and the havoc it can cause when an account gets hacked. It's time for social media companies to tighten the authentication process.
The UK government pledges at Infosecurity Europe to help businesses improve cybersecurity. But it's going to take more than vouchers and training to address Europe's top threats to security and privacy.
We talk increasingly about what we have in common - global risks, threats and growing an effective security workforce. But what are the unique characteristics of individual marketplaces? That's a question I hope to answer this week in London.
Schnucks, a grocery chain that last month revealed it suffered a POS network attack, now says millions of payment cards were likely exposed. How many stores were affected, and was Schnucks PCI compliant?
The Boston Marathon tragedy is yet another reminder to organizations to develop alternative ways to communicate with employees during such emergencies. Otherwise, they could put their organizations' continuity plans at risk.
President Obama is concerned that a provision buried in a law he signed to keep the government running for the rest of fiscal 2013 would make it much tougher for four federal agencies to secure their IT.