Simple Log Review Checklist Released!
Today, many people are looking for very simple solutions to big and complex problems and the area of logging and log management is no exception. Following that theme, we have created a “Critical Log Review Checklist for Security Incidents” which is released to the world today.
In addition to HTML, PDF or DOC versions are [...]
|
Does the storm over cloud security mean opportunity?
Absent such standards, Feigenbaum noted that Google received SAS 70 certification and shares the audit results on its security controls with customers. Google is also now seeking certification to comply with the Federal Information Security Management Act (FISMA).
via Analysis: Does the storm over cloud security mean opportunity?.
|
Up to 90% of UK companies may not comply with PCI security standards – Data control & Intellectual Property – ComputerworldUK
New research shows that 89 percent of UK companies are not compliant with the Payment Card Industry Data Security Standards.
via Up to 90% of UK companies may not comply with PCI security standards – Data control & Intellectual Property – ComputerworldUK.
|
GRC goes into the Cloud – Express Computer
eGestalt has announced the availability of SecureGRC, a solution that provides an end-to-end integration of security monitoring with IT-Governance, Risk Management and Compliance (IT-GRC) management solutions using a cloud-based delivery model.
via GRC goes into the Cloud – Express Computer.
|
RSA: PCI tokenization push promising but premature, experts say
Tokenization technology has the potential to protect credit card data while reducing the scope of a PCI DSS assessment, but a lack of standards and some complexity issues are cause for concern, panelists said Wednesday, at the 2010 RSA Conference.
via PCI tokenization push promising but premature, experts say.
|
Why Pay For Health Insurance When You Can Steal It?
These days, most people know the drill for dealing with a stolen credit card number: call the card company and have the account canceled.
But experts say a different type of identity theft is on the rise, one that could compromise both the victim’s credit and physical safety. Patients using someone else’s name, Social [...]
|
What's Ahead For PCI in 2010
The following milestones provide an overview of what the PCI Security Standards Council has planned for 2010 and what changes to expect along the way:
* November 2009-April 2010: DSS and PA-DSS feedback review process.
* March: Council shares summary of feedback with market.
* Late April: New PIN transaction security (PTS) standard released (formerly PIN Entry Device [...]
|
Average annual cost of PCI compliance audit? $225k
Merchants that undergo network audits to ensure compliance with the Payment Card Industry Data Security Standards are paying an average of $225,000 each year, and 10% of these businesses are paying $500,000 or more annually, according to a new study. In spite of that, 2% of them fail these audits.
via Average annual cost of [...]
|
Wyndham hotels hacked again
Hackers broke into computer systems at Wyndham Hotels & Resorts recently, stealing sensitive customer data.
The break-in occurred between late October 2009 and January 2010, when it was finally discovered. It affected an undisclosed number of company franchisees and hotel properties that Wyndham manages. Wyndham has acknowledged the incident in a note posted to its Web [...]
|
Martin Memorial statement regarding conclusion of patient privacy breach investigation » TCPalm.com
Martin Memorial has completed an internal investigation regarding a patient privacy breach that occurred Feb. 3 at Martin Memorial Medical Center.
via Martin Memorial statement regarding conclusion of patient privacy breach investigation » TCPalm.com.
|