Vendor alliance wants PCI certification program
Debuting this week at RSA, the Payment Card Industry Security
Vendor Alliance will provide guidance to the industry and hopes to
ultimately get a PCI certification program off the ground.
Intrusion detection systems are alive and kicking
IPS hasn't overtaken intrusion detection systems just yet. Senior
News Writer Bill Brenner reveals what customers want when they're
shopping for IDS products. Pitfalls aplenty going SOA
A service-oriented architecture's efficiency has often been more
of a priority than SOA security. Vendors, however, are compensating
with new Web services security features. Web apps remain a trouble spot
Contributor George Hulme examines how cross-site scripting and code
injection have become even bigger development issues than buffer
overflows. Spam, phishing, IM attacks rise
Malicious attacks using social engineering techniques are on the
rise. While botnets may finally be forcing ISPs into the battle,
enterprise security pros are working overtime on strategies to keep
the threats at bay. Going Wi-Fi? Go safely
Today's security professionals are forced to balance the
convenience that wireless technology offers with the need to
enforce a solid security policy. When physical and logical security converge
For an enterprise to protect itself from today's internal and
external threats, more companies are considering security programs
that integrate both physical and logical security. Flurry of state disclosure laws creates confusion for
CISOs
Now that nearly three dozen states have enacted breach disclosure
laws, national companies face the challenge of reconciling a vast
array of guidelines and their implications. CISOs mastering 'softer' skills
Learn why a mix of interpersonal skills have to be blended with
knowledge of business administration to create a well-rounded
leader. A new awareness for SIMs
Experts say the use of security information and event management
systems can not only give organizations overall visibility into
their network security and improve their incident response, but
also meet compliance demands. Developing an application security mind-set
Baking security into applications can be a difficult process, but
experts believe developing an application security mind-set can
help create more secure software systems. FFIEC, HSPD-12 fuel growth in authentication
market
Enterprises aren't the only ones who have had to deal with
regulations like FFIEC and HSPD-12. The vendor community has
adjusted by offering cost-effective and unobtrusive authentication
products, primarily focused on financial
institutions. |