Have you noticed that many of the firms suffering high-profile, serious, and expensive information security breaches have nonetheless been 'compliant' with certain laws, regulations, or standards? Consider the case of credit card processor Heartland Payment Systems, which recently suffered the unauthorized disclosure of over 100 million credit card and debit card transactions. The firm handles the transactions of over 175,000 merchants. Hundreds of banks have already had to reissue cards as a result of the breach. Note that Heartland was, at the time, certified as fully Payment Card Industry (PCI) compliant. Many other organizations that fall under various federal, state, and industry regulations continue to experience breaches as well.