Version 3.0 of the Payment Card Industry Data Security Standard, to be released later this year, will include a focus on the standardization of compliance assessments, says Bob Russo of the PCI Security Standards Council.
Organizations must carefully consider patch management in the context of overall IT security because it's so important to achieving sound security. Read about NIST's recommendations on how best to implement patch management.
As users increasingly use mobile devices and operate outside the traditional corporate network, the concept of "endpoint security" has to evolve. And so do your strategies to secure the endpoint from sophisticated adversaries such as advanced persistent threat.
Register for this webinar to learn more about:
Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.
Unfortunately, user accounts with reduced privileges do not provide protection from attack, misuse or compromise. Reduced privileges for end-users can only be regarded as one part of an effective security strategy that should not be solely relied on. Organizations should know the limitations of this approach to...
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
Executives in a variety of industries who are in charge of securing their enterprises' IT say they're more anxious about outsiders hacking into their systems than insiders - either maliciously or inadvertently - threatening their digital assets, a new survey shows.