Have you noticed that many of the firms suffering high-profile, serious, and expensive information security breaches have nonetheless been 'compliant' with certain laws, regulations, or standards? Consider the case of credit card processor Heartland Payment Systems, which recently suffered the unauthorized disclosure of over 100 million credit card and debit card transactions. The firm handles the transactions of over 175,000 merchants. Hundreds of banks have already had to reissue cards as a result of the breach. Note that Heartland was, at the time, certified as fully Payment Card Industry (PCI) compliant. Many other organizations that fall under various Federal, state, and industry regulations are continually experiencing breaches as well.