Cloud Computing, Cyber Security, IT Security, Security, Technology

PCI compliance not synonymous with security, panel says

None of the companies in a soon-to-be released Verizon report that experienced a data breach “were fully PCI [Payment Card Industry Data Security Standard] compliant at the time of breach,” according to Roldophe Simonetti, managing director of compliance consulting at Verizon Enterprise Solutions, who participated in a company-hosted Jan. 12 evening panel discussion on securing mobile and online retail payments.

In a preview of Verizon’s “2015 PCI Compliance Report,” Simonetti told SCMagazine.com in a phone interview that only “28.6 percent of companies were PCI compliant after one year,” indicating that many organizations “are seeing compliance as a standalone exercise.”

PCI 3.0 was released in November 2013 and all organizations were required to start using it Jan. 1 of this year.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Advertisements
Standard
Cyber Security, Data Breach, IT Security, Security, Technology

DHS is a mess of cybersecurity incompetence

Assessing DHS performance 12 years after its creation, a new Federal report called “A Review of the Department of Homeland Security’s Missions and Performance” contains a blistering summary on the state of DHS cybersecurity practices and programs.

DHS cybersecurity failure

The January 1 report reveals and concludes that DHS’s cybersecurity practices and programs are so bad, the DHS fails at even the basics of computer security and is “unlikely” able to protect both citizens and government from attacks.

The report’s section on cybersecurity is all bad news — especially for fans of Obama’s planned legislative cyberattack protections.

Read More

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Data Breach, Defense, E commerce, Finance, IT Security, Security, Technology

Agencies fall short of White House targets for cybersecurity

The White House continues to see an upward trend in new cybersecurity practices governmentwide, but the Obama administration is finding that not all agencies are living up to the cyber standards it set forth in last year’s cross-agency priority goals.

Published with the 2015 budget, the cross-agency priority (CAP) goals focus on longstanding and critical issues affecting agencies across the federal government. Cybersecurity — one of the first mentioned of the White House’s 15 CAP goals — is a mission-based goal to “[i]mprove awareness of security practices, vulnerabilities, and threats to the operating environment, by limiting access to only authorized users and implementing technologies and processes that reduce the risk from malicious activity,” according to a goal statement. It says the president views cybersecurity as “one of the most serious national security, public safety, and economic challenges we face as a nation.”

Read More

Standard
Business, Cloud Computing, Cyber Security, Data Breach, Defense, Finance, IT Security, Security, Technology

North Korea boosts cyber army to 6,000 troops to cause ‘physical and psychological paralysis’

North Korea has boosted its “cyber army” in a bid to cause “physical and psychological paralysis” in the South.

According to the South Korean Defence Ministry’s latest white paper, the hermit state’s military unit, which is dedicated to cyber activities, is now double that of South Korea’s.

“North Korea is currently running its 6,000 (member) workforce for cyber warfare and performing cyberattacks for physical and psychological paralysis inside South Korea such as causing troubles formilitary operations and national infrastructures,” said the South Korean Defence Ministry.

In 2013, South Korea blamed Pyongyang for the raft of crippling cyber attacks on its banks and broadcasters.

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Data Breach, Defense, Finance, IT Security, Security, Technology

North Korea is doubling its skilled cyber security staffers

NORTH KOREA IS REPORTEDLYdoubling the number of its highly skilled cyber soldiers while still denying claims that it ever maliciously hacked anyone.

In case you missed it, North Korea has been accused of hacking like a dry cough. The country has had more fingers pointed at it than a button, and has got rather comfortable with denyingaccusations that it has done things like tear apart Sony Pictures Entertainment.

Now it is accused of doubling its cyber warfare posse, called Bureau 121, which the last time anyone checked was made up of some 3,000 skilled staffers.

Today, according to reports, including this one on Reuters, that number is 6,000 if South Korea is to be believed.

A white paper from the South Korean Defence Ministry said that the enlarged unit will be used to bring mischief on the South, and possibly other countries and their utilities.

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Data Breach, Defense, Finance, Government, IT Security, Security, Technology

SONY HACK SIGNALS ‘NEW NORMAL’ IN CYBERSECURITY

The Sony hack copied a multinational company’s financial documents, its employees’ personally identifiable information and years’ worth ofembarrassing – and poorly written, it must be said – emails from high-level executives and released them all for the world to see.

But for many cybersecurity observers, the real eye opener was how the hack illustrates today’s cyber landscape: It’s likely to get worse before it gets better.

A growing collection of high-level computer security experts believe evidence points to aninsider-orchestrated attack, while the U.S. government quickly blamed and sanctioned North Korea, whose leader, Kim Jong-un, is portrayed in an unflattering fashion in the Sony-backed film, The Interview.

Meanwhile, as Sony’s image continues to tarnish with each leaked, scandalous revelation, the company experienced an added layer of suffering other data-breached companies — Target, Neiman Marcus and Home Depot — had avoided.

Read More

Standard
Business, Cloud Computing, Cyber Security, Data Breach, Defense, Finance, IT Security, Security, Technology

Air Force evolves its cybersecurity as JIE comes into focus

The Air Force is moving beyond requiring airmen to use smart identification cards to log onto its computer network. The service now is making its network security even stronger.

Lt. Gen. Bill Bender, the Air Force’s chief of information dominance and chief information officer, said the use of role-based authentication should be “baked- into” its IT systems in the future.

Read More

Standard