New requirements to mitigate payment card risks posed by third parties, such as cloud providers and payment processors, are a focal point of the PCI Security Standards Council's updated data security standard.
As Michigan deploys its Cyber Civilian Corps, the state will need to address some of the same challenges the federal government faces in sharing cyberthreat information between the government and the private sector, state CIO David Behen says.
The medical device industry faces four significant privacy and security challenges that pose potential threats to patients as well as manufacturers, says Michael McNeil, global security and privacy leader at Medtronic.
Mobile security is no longer about managing devices, says Ian McWilton of Moka5. The real trick is to secure corporate assets through containerization solutions that reduce costs and improve user experience.
For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
Using "synthetic identities" to commit fraud is becoming easier, but it's increasingly difficult for organizations to detect this type of deception, says Claudel Chery of the U.S. Postal Inspection Service.
Rather than waiting until they're a breach victim, organizations should reach out to law enforcement officials to develop a good working relationship in battling cybercrimes, federal prosecutor Erez Liebermann says.
Organizations must develop a "defensible response" to data breaches and fraud incidents because of the likelihood of a regulatory investigation or legal action, says attorney Kim Peretti, a former Department of Justice cybercrime prosecutor.
IT security leaders need to develop a strong, holistic security and risk management strategy as they implement advanced, strategic technical capabilities, IBM's David Jarvis says in analyzing new survey results.