The only way to improve card security is for banks and merchants to align their strategies, says Gray Taylor of NACS. "This is something that hurts both of our industries. Fraud hurts us all."
"It should provide fuel for anyone calling for data breach legislation to include criminal sanctions ...," says Neal O'Farrell of the Identity Theft Council. "This was nothing short of a clumsy cover-up."
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
Though IT business application functions and security-focused practices are expected to be integrated as a single process, secure configuration is the management and control of configurations for information systems to enable security and facilitate the management of information security risk.
Emerging technology is often touted for enhancing security. But if not properly deployed and integrated, these technologies can hinder rather than improve security.
SafeNet CEO Chris Fedde says top executives, not chief information or chief information security officers, should have final say on what data to encrypt.
Recent hacks have uncovered security vulnerabilities that should have been addressed years ago. "These attacks are going to escalate," says Josh Corman of The 451 Group. But organizations can implement basic steps to make the hackers' job harder.
With so much critical information being exchanged today via e-mail, now is the time to deploy next-generation e-mail encryption solutions, says Bob Janacek, CTO and founder of DataMotion.
With so much critical information being exchanged today via e-mail, now is the time to deploy next-generation e-mail encryption solutions, says Bob Janacek, CTO and founder of DataMotion.
Intel CISO Malcolm Harkins says the Sony PlayStation breach reminds CISOs in all sectors that such incidents can't be avoided, but their risks can be managed.
RSA has sent a detailed letter to its clients regarding the recent attack against its SecurID two-factor authentication products. It's also hosting customer information calls this week.
Speculation about the pending update to online authentication guidance has been circulating around water coolers for months now. "A [disclosure] like this could make it more challenging for the regulators," says attorney David Navetta.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.