Three Democratic senators are calling for a hearing to examine whether stronger cybersecurity standards are needed to protect consumer data following a massive breach at Target that affected as many as 40 million debit and credit cards.
2014 may well be the "Year of Security," and IT security pros must prepare now for new job demands. ISACA's Robert Stroud offers five New Year's resolutions to help prepare for 2014's security trends.
Many business leaders lack a clear understanding of the value of identity and access management. CISO Christopher Paidhrin offers a scenario for how to make the case for an IAM investment.
American and Russian negotiators met last month to discuss cybersecurity issues, including the use of the Nuclear Risk Reduction Centers to improve communications between the two nations to mitigate malicious cyber-activity.
Target has confirmed that encrypted PINs associated with debit transactions conducted between Nov. 27 and Dec. 15 were compromised. But the retailer contends the risk to cardholders is low.
A federal district judge in New York upheld the constitutionality of the National Security Agency's program to collect metadata of phone calls made by Americans. The ruling conflicts with another federal judge's recent decision.
A preliminary version of the cybersecurity framework takes a too-broad approach to privacy, says security and privacy attorney Harriet Pearson. And that could result in fewer organizations adopting the voluntary security guidelines.
The potential of governments messing with commercial IT security products - think China and the NSA - means organizations need to improve lines of communications to assure the integrity of the IT wares they acquire. ISF's Steve Durbin discusses mitigating supply-chain risk.
Chase Bank's decision to limit daily ATM cash withdrawals on debit cards linked to the Target breach has raised questions among other issuers about whether PINs were, in fact, compromised. Is Chase just being cautious?
While preparing a speech to be delivered in Korea, NIST's Ron Ross wanted to convey the message of the importance of computer security. He hit on five themes - threat, assets, complexity, integration and trustworthiness - which form the acronym TACIT.
How can organizations mitigate the risks posed by the unintentional insider threat? The strategy requires a combination of technical and non-technical solutions, says researcher Randy Trzeciak.
Big-box retailer Target has confirmed that a breach that likely exposed some 40 million U.S. debit and credit accounts was caused by a malware attack that infected its point-of-sale system. Find out all the latest details.
As patent trolls continue to target companies with patent infringement lawsuits, bipartisan Congressional support is building to protect financial institutions, says NAFCU's Brad Thaler.
On Christmas Eve, Target issued a warning about phishing scams linked to its breach recovery efforts. In response, the retailer says it is launching a dedicated resource page on its website for official communications.
Version 3.0 of the PCI Data Security Standard goes into effect Jan. 1, 2014. What steps should organizations be taking to prepare for implementation of the standard? Troy Leach and Bob Russo of the PCI Security Standards Council explain.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.