I attended the 2010 RSA Conference in San Francisco last week. As expected, one of the major themes resonating throughout the conference keynotes, sessions, and exhibit hall was the opportunity we have as security professionals to help secure increasingly virtualized and cloud-based infrastructures....
Posted to Security Web by Renee Bradshaw on Mar 12, 2010
Filed under: Security, Data Breach, PCI DSS, PCI Standards Council, Compliance, RSA, PCI, RSA Conference, Verizon Breach Report, RSA 2010, PTS, PCI Standard, PA-DSS, Bob Russo
After my last post on human error, and how it contributes to significant data breaches, I haven’t been able to get the idea out of my head. It should come as no surprise that we have found that companies may have the best security tools and resources available, yet still experience large breaches...
Posted to Security Web by Renee Bradshaw on Feb 17, 2010
Filed under: Security, Data Breach, PCI DSS, Insider Attack, Ponemon Institute, PCI Standards Council, Compliance, Secure Configuration Manager, Malicious, PCI, computer crime, non-malicious insider, malicious insider
Ouch. This from SC Magazine - $12.6 Million in fines and other costs for Heartland as a result of their breach last year. Of course, the long-term costs are likely to be far higher than this initial round: "It's still early to understand everything that's going to impact the final total...
As news (and discussion) of the Heartland Payment Systems breach continues to reverberate around the security industry, the payment card industry, and the web in general, there's ample room for rampant speculation and rumor regarding what happened, how big it was, and what it all means. A couple...