Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Comptroller of the Currency Thomas Curry's comments in a Sept. 18 speech could be an early indication that regulators will put more pressure on banks and service providers to fill cybersecurity gaps, some observers say.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
The House Intelligence Committee warns of threats Chinese chips pose to American IT systems. A new film embellishes that danger. Though pure fiction, the plot could help raise the public consciousness about cyberthreats.
A judge finds WikiLeaks leaker Bradley Manning not guilty of aiding the enemy but convicts him on other charges. How will the mixed verdict sway NSA whistleblower Edward Snowden's decision on whether to remain on the lam?
Addressing cyber-attacks is not just a technology issue. It requires a holistic view from the entire organization, says ISACA's Jeff Spivey, who emphasizes the need for a framework approach to security.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.