Compliance

Visa confirms another payment processor breach

Dan Kaplan February 24, 2009

Another payment processor has fallen victim to hackers, Visa confirmed on Monday.
 

HMRC breach would have been avoided for just £15,000

Richard Thurston July 03, 2008

The catastrophic loss of information of 25 million UK citizens last year would have been avoided if Her Majesty's Revenue and Customs had spent a maximum of £15,000 on the extraction of data, but it turned down this expenditure because information security was such a low priority, one of the breach investigators revealed today
 

Data watchdog admits to deluge of Central Government breach info

Richard Thurston July 03, 2008

The Information Commmissioner's Office has revealed it has been voluntarily informed of a huge number of security breaches - mostly in Westminster - while it eyes up plans for a new law which could make the reporting of such incidents compulsory
 

PCI standard widened to include unattended point-of-sale terminals

Richard Thurston July 02, 2008

Terminals such as those found in vending machines and on fuel pumps are to be included in additional guidelines to be written by the PCI Security Standards Council, producing extra demands on retailers
 

Europe just "weeks" away from data sharing deal with FBI

Richard Thurston July 01, 2008

Brussels insiders have confirmed that the European Commission is nearing the conclusion of talks with the Americans over the provision of citizens' personal information to the FBI for terrorism fighting purposes
 

Deadline arrives for latest PCI standard requirement

Sue Marquette Poremba July 01, 2008

Companies that aren't in compliance with PCI DSS Section 6.6 risk fines and other losses that could reach into the millions of dollars
 

Poynter review: HMRC has radically reduced security risks

Richard Thurston June 26, 2008

PwC chairman Kieran Poynter, the man tasked to investigate what happened in the catastrophic HMRC data breach, has revealed that significant progress has been made since the disastrous information leakage last October
 

Case study: Deep inside the Serious Fraud Office's digital forensics unit

Richard Thurston June 26, 2008

The SFO invited SC Magazine for a sneak preview of its recently revamped digital forensics unit, where scientists were hard at work dissecting and interrogating the latest mobile devices
 

Poynter Review, IPCC severely criticise HMRC over data breach

Richard Thurston June 25, 2008

Two separate reports into the data leakage of 25 million records from Revenue & Customs last year have widely condemned data security procedures in the Government department
 

Scotland loses details of nearly one million 999 calls

Richard Thurston June 24, 2008

Parcel courier TNT has lost a disk containing extensive details of emergency calls made in Scotland over the last two years
 

Private investigators fined by magistrates after conning BT for information

Richard Thurston June 23, 2008

Two private detectives have been fined by a London court after blagging information on the partner of a man wanted for a debt to their client
 

Weak security controls to blame as finance firm is hit by FSA fine

Richard Thurston June 19, 2008

Merchant Securities is forced to cough up £77,000 for putting its customers at risk of identity fraud as part of a crackdown on lax security controls by the financial services watchdog
 

Government admits breaching data rules following PC theft

Richard Thurston June 18, 2008

A senior civil servant has revealed that his department did not meet its own data protection guidance as the PC of minister Hazel Blears was stolen from her constituency office
 

Security spending bucks economic downturn

Richard Thurston June 18, 2008

Organisations are substantially increasing their expenditure on security products, especially tools which help compliance and privacy and help prevent data leakage
 

IT Governance guide released for security professionals

Richard Thurston June 17, 2008

The IT Governance Institute has published a guide to try to help raise the standards of information governance within businesses and the public sector
 

AT&T drives deeper into security services

Richard Thurston June 04, 2008

The carrier has launched a managed encryption services portfolio which it hopes will help prevent corporate data leakage and in part replace postal services for the transmission of confidential documents
 

Google chief exec targeted over privacy policy

Richard Thurston June 04, 2008

Fourteen US privacy groups have written to Eric Schmidt arguing that Google is breaking Californian law by not including a link to its privacy policy on its homepage
 

Trustwave branches out into application pen-testing

Richard Thurston May 26, 2008

The security services company is to try to help enterprises protect their web-based apps from attacks like SQL injection, buffer overflow and cross-site scripting
 

Alcatel-Lucent to secure mobile workers with always-on datacard

Richard Thurston May 22, 2008

The company is to bring to market next month a GPS and 3G enabled datacard which should give IT administrators 24/7 visibility of users' mobile devices
 

EMC plans encryption work with Brocade

Richard Thurston May 21, 2008

The storage companies say they will work together to integrate EMC's RSA Key Manager for the datacentre offering with Brocade's forthcoming fabric-based encryption technology, aiming to make it easier for datacentre managers to reliably encrypt their data
 

RSA Conference 2007: FTC planning new methods to combat ID theft

Dan Kaplan February 08, 2007

The federal agency responsible for consumer protection is planning a public workshop to discuss authentication, and soon hopes to draft a civil rule requiring companies to spot warning signs of identity theft, its leader said Wednesday.
 

Experts say global cooperation key to fighting cybercrime

Dan Kaplan February 01, 2007

International cooperation among law enforcement agencies is key to taking the allure from cybercrime, a panel of experts said today at a Kaspersky Lab-sponsored breakfast in New York.
 

Feds get low information security grades from CSIA

Frank Washkuch Jr. February 01, 2007

Despite some steps to improve the national information security infrastructure, the federal government earned low grades in the subject from one advocacy group.
 

Data security firms start Payment Card Industry Vendor Alliance

Ericka Chickowski January 31, 2007

A handful of data security companies announced they're forming a new alliance to advocate for firms who must comply with the payment card industry data security standards (PCI DSS).
 

SEC votes for simplified Sarbanes-Oxley

Ericka Chickowski December 13, 2006

The Securities and Exchange Commission (SEC) voted today to simplify the auditing process for Section 404 requirements of the Sarbanes-Oxley Act of 2002.
 

Electronic documents used in legal proceedings could boost stature of IT professionals

Ericka Chickowski December 06, 2006

IT security professionals are scrambling to learn how the latest change in federal regulations governing electronic legal documents affects their jobs.
 

Phishing scams using FFIEC deadline to dupe financial customers

Frank Washkuch Jr. November 28, 2006

CSOs and governance officers aren't the only ones studying up on compliance regulations. Phishers are also getting governance-savvy, sending bogus emails that pretend to bring customers in line with new guidelines for financial organizations.
 

Human error, zero-day targeted attacks make up latest SANS Top 20

Dan Kaplan November 15, 2006

Few would dispute the powerful link between social engineering and the success of a cyberattack in today's financially-driven threat landscape. So now, for the first time, the SANS Institute has named human error to its twice-annual Top 20 Internet Security Attack Targets list, a line-up that, until now, was reserved solely for technology.
 

Approva: More companies automating compliance

Frank Washkuch Jr. October 06, 2006

Companies in compliance with the requirements of the Sarbanes-Oxley Act are less likely to become victims of corporate fraud, according to a recently released survey from a leading control management vendor.
 

Survey: Compliance no longer top driver for archiving

Ericka Chickowski October 06, 2006

A new survey showed this week that while archiving technology continues to be more prevalent in the data center, regulatory compliance is no longer the number one driver to adopt new archiving equipment and software.
 

Latest News

« Previous
Next »
Popular Topics
Apple Threats Application Security Breaches And Exposures Consumer Threats Data Loss Prevention Email Security Emerging Threats Endpoint Protection External Threats Facebook Government High Tech Industry Surveys Information Disclosure Internal Threats Lawbreakers & Cybercrime Malware Mergers & Acquisitions Mobile Endpoint Security Patch Management PCI Privacy Social Networks Trojans Vulnerabilities & Flaws
Home | News | Products | Whitepapers | Jobs | Subscribe | Contact Us | About Us | Advertising | Editorial | Subscribe to our RSS feeds RSS

This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.

Your use of this website constitutes acceptance of Haymarket Media's Privacy Policy and Terms & Conditions