The PCI Council has unveiled new guidance for mitigating payment card risks posed by third parties. Troy Leach, the council's CTO, explains how banking institutions and merchants can put the guidance to use.
Federal authorities say the successful prosecution of a member of an international cybercrime ring proves progress is being made in shuttering ATM cash-out schemes. But some experts say processors and prepaid cards will continue to be targeted by attackers.
With the Senate Intelligence Committee overwhelmingly approving the Cybersecurity Information Security Management Act, common wisdom dictates the bill will head directly to the Senate floor. Not so fast.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
It's well known that lost or stolen unencrypted computing devices account for the majority of large health data breaches. But a new report from the Department of Health and Human Services shines a light on how frequently breaches - especially smaller ones - involve paper records.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
In the second full day of RSA 2014, ISMG's editors record exclusive video interviews with Troy Leach of the PCI Council, Adam Sedgewick of NIST and Gartner's Avivah Litan. What insights do these thought-leaders share?
The HIMSS 2014 Conference, to be held Feb. 23 to 27 in Orlando, will feature an impressive lineup of privacy and security educational content, plus updates from federal regulators. Check out the highlights.
Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.
The PCI Security Standards Council has no plans to modify its standards for payment card data security in response to high-profile payment card breaches at Target and Neiman Marcus, says Bob Russo, the council's general manager.
Target Corp.'s revelation that personal information about up to 70 million customers was breached in a recent malware attack raises new questions about Target's security practices and risks to consumers.
Version 3.0 of the PCI Data Security Standard goes into effect Jan. 1, 2014. What steps should organizations be taking to prepare for implementation of the standard? Troy Leach and Bob Russo of the PCI Security Standards Council explain.