Version 3.0 of the Payment Card Industry Data Security Standard, to be released later this year, will include a focus on the standardization of compliance assessments, says Bob Russo of the PCI Security Standards Council.
The FDA has issued a final rule for a medical device identification system that aims to make it easier and more efficient to track adverse events, including problems caused by cybersecurity issues, such as malware.
NIST awards a total of $7 million in grants to five organizations to develop and pilot reliable and easy-to-use identity credentials that could help build trust in online commerce and boost the economy.
On the one-year anniversary of al-Qassam Cyber Fighters' first announcement about DDoS attacks against U.S. banks, experts discuss what may happen next, including whether the group will join forces with the Syrian Electronic Army.
Phishing attempts against bank employees are on the rise. How can institutions improve their defenses? Daniel Ingevaldson of Easy Solutions offers insights on how to combat advanced phishing techniques.
The National Institute of Standards and Technology is re-evaluating a set of its special publications because of concerns expressed by some leading cryptographers that the National Security Agency might have corrupted the guidance.
Organizations still have concerns about sharing too much data and threat intelligence to help thwart attacks. But EMC's Kathleen Moriarty says organizations' fears about intellectual property compromises are overblown.
Termination of an employee after a breach should be reserved for repeat offenders, individuals who show a total disregard for the rules, those who seek to harm another or the most egregious incidents, security expert Mac McMillan contends.
Apple's inclusion of a fingerprint scanner in its iPhone 5S is an important step toward bringing biometrics into the mainstream. But there's a long way to go before biometrics supplant passwords at the enterprise level.
John Streufert, the DHS director overseeing the rollout of a federal continuous diagnostic initiative to mitigate IT systems vulnerabilities, expects that many state and local governments will participate in the program.
Scientists are discovering ways to make quantum key distribution a more cost-effective and efficient way to securely share encryption keys, but there's still a long way to go before the methods can be practically applied.
A class action suit has been filed against Advocate Medical Group following the theft of four unencrypted computers that may have exposed data on 4 million patients. Learn more about the allegations the lawsuit makes.
Even with the latest disclosures of the efforts the National Security Agency goes through to decrypt Internet communications, enterprises can take specific steps to protect their information from prying eyes.
Citi's settlement with two states over a breach that exposed 360,000 cards will likely set an example for other states. One expert says banking institutions will likely pay more damages when accounts are compromised.