Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.
A soon-to-be-launched pilot project funded by the National Institute of Standards and Technology aims to provide a potential model for how online access to patient information can be streamlined while boosting security, NIST trusted identities expert Phil Lam explains in this audio interview.
RSA Via Access allows you to deliver secure access to cloud and mobile applications without creating roadblocks for users. Streamline and simplify end-user access and authentication so end users can securely and conveniently access all of their applications and achieve greater productivity.
In a one-on-one discussion about today's top healthcare security challenges, Premise Health CISO Joey Johnson talks about the "paradigm shift" needed to move entities from a compliance mindset to one that embraces true cybersecurity.
The keys to the digital kingdom are too easy to steal through malware and social engineering. What can security leaders do to help raise their organizations' level of privileged access management? Ken Ammon of CA Technologies offers insights in this video interview.
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
Networking giant Fortinet warns that more products than it initially suspected have a hardcoded password that attackers could abuse to remotely gain backdoor access to vulnerable devices. But why did the flaws take so long to be found?
Security experts are warning that Chinese networking product manufacturer TP-Link has been shipping routers with a WiFi password that's based on their MAC address, thus making their passwords easy for would-be attackers to sniff.
The PCI DSS was developed to "encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI DSS provides a baseline of technical and operational requirements designed to protect cardholder data." Even by following the PCI DSS guidelines, it is...
Every company, regardless of size, has confidential information that needs to be protected. With data breach incidents happening on an almost weekly basis, organizations must take the necessary precautions to ensure their data is secure. But how many organizations are truly making efforts to keep their data...
Despite the frequency of healthcare data breaches, only half of U.S. hospitals have the infrastructure to support two-factor authentication, according to a new report. Plus, some information security leaders say implementation of the technology at many of those facilities is likely relatively narrow.
Has authentication become too complex for
banking institutions? That's a legitimate concern, says Peter Tapling of Early Warning.
The key, he says, is to leverage new strategies and solutions to unify and simplify
Download this eBook to explore new authentication strategies and:
Today's cybercriminals are aware of the fraud prevention technologies deployed by most financial institutions, and they design attacks to circumvent these controls. Transaction anomaly detection and device ID approaches can be highly inaccurate, generating a large number of false positive alerts that can overwhelm IT...