Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
The House Intelligence Committee warns of threats Chinese chips pose to American IT systems. A new film embellishes that danger. Though pure fiction, the plot could help raise the public consciousness about cyberthreats.
A judge finds WikiLeaks leaker Bradley Manning not guilty of aiding the enemy but convicts him on other charges. How will the mixed verdict sway NSA whistleblower Edward Snowden's decision on whether to remain on the lam?
Angered over the Edward Snowden revelations, DEF CON says the feds should take a 'time-out' from this year's hackers' conference. But a top DHS cybersecurity policymaker says he's still invited to participate in a conclave panel discussion.
Addressing cyber-attacks is not just a technology issue. It requires a holistic view from the entire organization, says ISACA's Jeff Spivey, who emphasizes the need for a framework approach to security.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.