Little sympathy for merchants in disputes over PCI violations
Genesco files $13M suit, arguing penalties from banks processing credit-card payments occurring without evidence card data has been stolen
Antone Gonsalves | 13 Mar | Read more
Genesco files $13M suit, arguing penalties from banks processing credit-card payments occurring without evidence card data has been stolen
Antone Gonsalves | 13 Mar | Read more
Copyright Alert System, which could slow or suspend your Internet service, said to lack due process
Taylor Armerding | 05 Mar | Read more
McAfee is enhancing its business security platform by adding near real-time querying capabilities to its ePolicy Orchestrator software and by integrating it with its security information and event management (SIEM) product to automatically initiate endpoint security policy changes.
Lucian Constantin | 12 Feb | Read more
New Data Security Standards (DSS) for the cloud make clear the responsibilities of merchants and service providers
Antone Gonsalves | 08 Feb | Read more
Turktrust, the Turkish certificate authority (CA) responsible for issuing an intermediate CA certificate that was later used to generate an unauthorized certificate for google.com, claims that the bad Google certificate was not used for dishonest purposes.
Lucian Constantin | 04 Jan | Read more
Failing an audit sounds like the last thing any company wants to happen. But that's because audits are seen by many as the goal of a security program. In reality, audits are only the means of testing whether enforcement of security matches the policies. In the broader context, though, an audit is a means to avoid a breach by learning the lesson in a "friendly" exercise rather than in the real world. If the audit is a stress-test of your environment that helps you find the weaknesses before a real attack, you should be failing audit every now and then. After all, if you're not failing any audits there are two possible explanations:
Andreas M. Antonopoulos | 05 Oct | Read more
Google has started to move e-mail security features from its Postini service directly into its Google Apps collaboration and communication suite.
Juan Carlos Perez | 16 Jul | Read more
Mobile payments technology is a loud sonic boom thundering through the payments industry. But are all -- or any -- of these payment schemes compliant with the <a href="http://www.csoonline.com/article/519563/the-great-pci-security-debate-of-2010-transcribed">Payment Card Industry Data Security Standard (PCI DSS?)</a>
George V. Hulme | 05 Jul | Read more
Oracle may be subtly misleading customers about the severity of some of the vulnerabilities found in its database software, according to researchers from database security software provider Application Security (AppSec).
Joab Jackson | 28 Apr | Read more
It's no secret that corporations are drowning in data. IDC estimates the volume of computer data worldwide will reach 1.2 million petabytes during 2011. A November, 2010 Gartner study found data growth was one of the top three challenges for data center managers at 47 per cent of large enterprises.
Kevin Fogarty | 16 Feb | Read more
IBM said Wednesday it is purchasing e-discovery vendor PSS Systems, in a move that further broadens Big Blue's sprawling portfolio of information management software. Terms were not disclosed.
Chris Kanaracus | 14 Oct | Read more
A U.K. company is seeking to displace penetration testing companies with an appliance and software that can frequently test whether security devices are catching bad network traffic and exploits.
Jeremy Kirk | 28 Sep | Read more