The PCI Council has unveiled new guidance for mitigating payment card risks posed by third parties. Troy Leach, the council's CTO, explains how banking institutions and merchants can put the guidance to use.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
Delaware's recently enacted data destruction law sets itself apart from other regulations by permitting consumers, under certain circumstances, to file civil lawsuits against those who violate the law's requirements.
A U.S. federal court judge has upheld a warrant requiring Microsoft to give the Justice Department copies of e-mails being stored at a data center in Dublin. But Microsoft plans to appeal the ruling on privacy grounds.
A U.S. appeals court has agreed to hear Wyndham Worldwide's appeal regarding what authority the FTC has over corporate data security. The dispute stems from a suit the FTC brought against the hotel chain following three payment card data breaches.
The federal tally of major health data breaches has grown substantially in recent weeks. Incidents added over the last month provide examples of the variety of risks that healthcare entities continue to battle.
The banking industry is watching closely as the New York State Department of Financial Services proposes a groundbreaking "BitLicense" regulatory framework for virtual currency businesses that's designed to help fight fraud.