New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
Mobile security is no longer about managing devices, says Ian McWilton of Moka5. The real trick is to secure corporate assets through containerization solutions that reduce costs and improve user experience.
Senior leaders in business and government are buying in to the need for more cybersecurity investments as well as threat-intelligence sharing, new research shows. But why are they still struggling to hire the right security pros?
Although skimming attacks are still the greatest ATM fraud concern, experts warn that a new malware strain that targeted ATMs in Mexico may signal a shift and raises questions about software and operating system vulnerabilities.
Version 3.0 of the Payment Card Industry Data Security Standard, to be released later this year, will include a focus on the standardization of compliance assessments, says Bob Russo of the PCI Security Standards Council.
Apple's inclusion of a fingerprint scanner in its iPhone 5S is an important step toward bringing biometrics into the mainstream. But there's a long way to go before biometrics supplant passwords at the enterprise level.
Special Publication 800-101 Revision 1 is aimed to help organizations develop procedures to deal with the explosion of mobile devices and to prepare specialists to conduct forensically sound examinations.
Account takeover techniques are getting more sophisticated; new "account checkers" are helping hackers automate their processes. The trend is just one more reason why we need advanced forms of authentication.