Have you noticed that many of the firms suffering high-profile, serious, and expensive information security breaches have nonetheless been 'compliant' with certain laws, regulations, or standards? Consider the case of credit card processor Heartland Payment Systems, which recently suffered the unauthorized disclosure of over 100 million credit card and debit card transactions. The firm handles the transactions of over 175,000 merchants. Hundreds of banks have already had to reissue cards as a result of the breach. Note that Heartland was, at the time, certified as fully Payment Card Industry (PCI) compliant. Many other organizations that fall under various federal, state, and industry regulations are continually experiencing breaches as well.