Even while working to re-establish its own PCI compliance, breached payments processor Global Payments Inc. is helping merchants assess and improve their payment card security.
Gartner fraud expert Avivah Litan shares ideas about how lessons learned from the Global Payments data breach can help security practitioners mitigate card-fraud risks and prevent future incidents.
The average per capita cost of a data breach has declined from $214 to $194, according to the new Cost of a Data Breach study. But there are still plenty of causes for concern, says Dr. Larry Ponemon.
A recent research paper that raised questions about the efficacy of RSA public-private key cryptography shouldn't alarm IT security practitioners, says Eugene Spafford of Purdue University. Here's why.
RSA, PhoneFactor and Rapid7 were among the organizations to issue product/solution news releases at RSA Conference 2012 on Tuesday, Feb. 28. See the latest announcements from the show.
IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.
RSA Chief Technologist Sam Curry defends the company's approach to public-key cryptography after researchers suggest a flaw in its encryption algorithm, contending the problem exists elsewhere in the security chain.
In the wake of the latest high-profile hacktivist attacks against banking institutions, industry experts offer these tips to bolster online security, customer awareness and the corporate image.
To help prevent breaches, mobile devices should be encrypted even if storage of sensitive information on them is prohibited, says security expert Melodi Mosley Gates.
We all know the online shopping risks consumers face on CyberMonday. But how does the BYOD mobile computing trend impact risks to organizations from their own employees shopping on the job?
The only way to improve card security is for banks and merchants to align their strategies, says Gray Taylor of NACS. "This is something that hurts both of our industries. Fraud hurts us all."
"It should provide fuel for anyone calling for data breach legislation to include criminal sanctions ...," says Neal O'Farrell of the Identity Theft Council. "This was nothing short of a clumsy cover-up."
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
Though IT business application functions and security-focused practices are expected to be integrated as a single process, secure configuration is the management and control of configurations for information systems to enable security and facilitate the management of information security risk.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.