Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
Comptroller of the Currency Thomas Curry says "it's only fair" that merchants should be responsible for some of the expenses that result when their systems are breached. Now, security experts consider the implications of his comments.
Following its massive breach, Target has hired a chief risk and compliance officer reporting directly to the CEO. Analysts say this move could signify the importance cybersecurity has reached within retail organizations.
The logjam in Congress on passing significant cybersecurity legislation could be broken when Republicans assume control of the Senate next year. Here's why.
Sen. Ron Johnson, R-Wis., the presumptive chairman of the Senate committee with government IT security oversight, hasn't immersed himself heavily in cybersecurity issues during his 4-year Senate tenure.
In new guidance from the PCI Council, its leaders outline why businesses that handle card data need to address employee education. Here, experts explain why this guidance is a positive step for card security.
As a result of the Home Depot breach, which compromised 56 million cards, credit unions have spent nearly $60 million dealing with card reissuance and fraud costs, according to the Credit Union National Association.
The annual Amsterdam gathering of information security aficionados detailed the very latest hacking threats, including cybersecurity attacks via drone, sniffing data from fitness devices, and exploiting ATMs using Raspberry Pi computers.
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
What security and technology issues are top concerns for 2015? The transition to new payment methods and shoring up gaps in basic security practices, according to industry leaders at two ISMG summits last week.
A bill before Congress to encourage the sharing of cyberthreat information won't come up for a vote until lawmakers act on legislation to end NSA's bulk collection program, says Senate Homeland Security Committee Chairman Tom Carper.
Target Corp. and several banking institutions continue to argue back and forth over the retailer's request to dismiss a consolidated class action lawsuit the institutions filed following the retailer's December 2013 data breach.
Despite President Obama's urgent call to lawmakers to enact a national data breach notification law, such legislation will not likely be voted upon before the current Congress adjourns at year's end. Here's why.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.