How to Plan a Solid Business Security Strategy

by devans on February 4, 2011

By Khalid Kark, CSO
Every New Year brings an opportunity to review existing security plans and adjust strategies for the next year. And, as I participate in these conversations for 2011, a lot of similar themes have popped up.
Most CISOs are struggling with the same issues, ranging from dealing with the changing [...]


By: Evelyn de Souza
Of approximately 6 million small merchants in the United States, it is estimated that as few as 20 percent are complying with the Payment Card Industry Data Security Standard (PCI DSS). Many small retailers are using vulnerable payment operations and may have inadequate security practices in place, making them a significant threat to [...]


Rules for PCI DSS Compliance

by devans on February 2, 2011

By Mathieu Gorge
2011-01-28
Data breaches have made news often in the past few years. When credit cardholder data is compromised, merchants face bad publicity, lasting damage to their reputations, lost business and possible fines. The global average cost of a single data-loss incident was $3.43 million in 2009, or $142 per compromised record, [...]


Visa tightens rules for small sellers

July 1, 2010

You have 24 hours to comply
By John Leyden
Posted in Small Biz, 30th June 2010 14:25 GMT
From tomorrow small businesses that take credit card payments will be obliged to enrol in the credit card industry’s Payment Card Industry Data [...]


New PCI DSS hurdles loom

July 1, 2010

01 July 2010
Extensions to the IT security and governance rules laid down by the PCI Security Standards Council are looming.

From today, Visa is reportedly tightening up its security rules on smaller companies accepting card payments.
In September, a further security mandate will require large-scale card-accepting businesses to be fully PCI DSS compliant from the start of [...]


Firms urged to take PCI DSS seriously

July 1, 2010

by Richard Kilner
From 1st July Visa is to enhance its security measures on smaller companies accepting card payments and from September large scale card-accepting businesses will have to be fully PCI DSS compliant.
Jeff LoSapio, security practice manager for application security specialists Fortify, has argued that SMEs need [...]


Local restaurant’s computer hacked, customers’ card numbers stolen

July 1, 2010

SAN ANTONIO — The computer system at a local Mexican restaurant was hacked, and investigators believe thieves made off with the credit card numbers of hundreds of customers.
Aldaco’s Mexican Cuisine at Stone Oak has a note on the front door apologizing to customers. Some of those customers are now getting charges from as far away as Italy.
“They [...]


Foreign hackers are targeting small business, says BBB

July 1, 2010

The Better Business Bureau of Minnesota and North Dakota (BBB) and the Minnesota Cyber Crime Task Force (MCCTF) are issuing a warning to all small businesses that process credit cards.
Foreign hackers are targeting smaller U.S. businesses with outdated or no online security software, stealing customer credit card information and then turning around and selling it [...]


Digital River sues over data breach

July 1, 2010

The company suspects that hackers in India stole valuable marketing data during an upgrade of its computers in Eden Prairie.
By DAN BROWNING, Star Tribune

A massive data theft from the e-commerce company Digital River Inc. has led investigators to hackers in India and a 19-year-old in New York who allegedly tried to sell the information to [...]


New Massachusetts Data Security Law and Regulations – Comprehensive Information Security Plan required before March 1, 2010

July 1, 2010

written by Catherine M. Anderson, Jeffrey D. Collins

As many of you are aware, The Commonwealth of Massachusetts has adopted a new data security law, and regulations thereunder (the “Regulations”), intended to protect its residents from identity theft.  While the new law primarily addresses the required response by a company which is subject to an identity [...]
