HIPAA Audits And Data Security

A random audit program to gauge Phase 2 HIPAA compliance is expected to be underway soon. This round will target business associates, including financial institutions that are typically exempted from HIPAA compliance when they provide what are considered to be typical banking services such as payment processing and credit/loans. But financial institutions that “create, receive, […]

PCI DSS 3.1 – Countdown For The June 30 Compliance Deadline

Recently, the PCI Security Standards Council issued Payment Card Industry Data Security Standards (PCI DSS) version 3.1 (PCI DSS v3.1), with “minor updates and clarifications” to PCI DSS v3.0, which went into effect on January 1, 2015. The most significant change: PCI DSS v3.1 prohibits the use of any version of SSL for any PCI […]

What You Need To Know Now About The LastPass Hack

On Monday, LastPass announced that it had been the target of a successful data breach. Here’s what you need to know and do now, if you relied on this extremely popular service to secure and manage your passwords. When was the breach discovered? On Friday, June 12, the LastPass team discovered and blocked suspicious […]

The State of Data Security Intelligence

The Informatica and Ponemon Institute’s second annual survey on data centric security, “The State of Data Security Intelligence,” has been released. Given the growing number of high-profile breaches, the report’s findings won’t shock anyone. Instead, they will confirm what we all know. That said, the number of organizations who admitted that they have little to […]

Preventing Retail Data Breaches: Defining Best Practices

The National Retail Federation recently presented Congress with a set of solutions aimed at better protecting consumers and helping businesses prevent data breaches. “We should not be satisfied with simply determining what to do after a data breach occurs,” NRF senior vice president for Government Relations David French said in a statement. “Instead, it is […]

Need to Know Now News Roundup: PoS Breaches, Destructive Malware, and Patch Tuesday

POS Breach Bigger Than Reported? Point-of-sale (POS) maker Harbortouch last week disclosed a breach involving “a small number” of its restaurant and bar customers, who were impacted by malicious software that allowed thieves to siphon customer card data from affected merchants. KrebsOnSecurity is reporting that a major U.S. card issuer has said that the company […]

Healthcare Records Theft On The Rise

Insider negligence is no longer the number one cause of data breaches in the healthcare industry – cybertheft and physical theft have now claimed the dubious honor. The Ponemon Institute’s new Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data shows that healthcare information has become a prime target for malicious hackers, with […]

Insights From Verizon’s Data Breach Investigations Report

In early spring, while many people are anticipating the return of warm weather and blue skies, the information security industry is looking forward to the release of Verizon’s annual Data Breach Investigations Report (DBIR). Published since 2008, DBIR is a data security reference guide, playbook and bible. Global in scope, the report analyzes thousands of […]

Key Takeaways from Interop

Security was on everyone’s mind at this year’s Interop Las Vegas conference, with workshops ranging from insider threats to social engineering, supply chains and managing targeted attacks. One key point that emerged from all of the discussion was that businesses and governments need to understand the motivations of cyber attackers. Dmitri Alperovitch led the INTEROP […]

Retail PoS Systems, Ancient Passwords – What You Need To Know Now

You’ve probably seen coverage of the big RSA reveal regarding the fact that point of sale devices from a specific vendor have used the same pre-set administrator password for the last quarter of a century. Security researchers Charles Henderson and David Byrne, at their RSA presentation, were the ones who shared this discovery. More troubling, […]