News

11 January 2014

World's Biggest Data Breaches



06 January 2014

Travel insurer Staysure warns customers over IT hack

The travel insurer Staysure has warned customers that some of their sensitive bank card details may have been stolen after its IT security was breached.



18 December 2013

PCI DSS version 3.0: The five most important changes for merchants.

As most security pros with PCI in their compliance scope are no doubt already aware, the PCI Security Standards Council (SSC) has released version 3.0 of the Payment Card Industry Data Security Standard (PCI DSS).

As it has done in the past, the SSC has once again provided a summary of changes highlighting the differences between version 2.0 and 3.0 of the standard. And if you're a merchant or assessor, both documents (the summary and, indeed, the new version itself) should be on your short list of required reading between now and January, when the new requirements go into effect.

When it unveiled PCI DSS 2.0 in 2010, the council set an expectation that increasing maturity in the standard tends to minimize the need for changes -- in other words, that as the standard continues to evolve and new versions are rolled out, the need for new requirements should tend to decrease. As such, it's not terribly surprising that the majority of the changes in PCI DSS version 3.0 are clarificati



12 December 2013
Article source: http://www.darkreading.com/

Lessons Learned From 4 Major Data Breaches In 2013

Ericka Chickowski November 25, 2013

In many respects the breach trends of 2013 have borne out some good news for the security industry. Unlike the past four to five years, this one has not been awash with mega database breaches of tens of millions of records containing personally identifiable information (PII). And according to statistics compiled by the Privacy Rights Clearinghouse, both the number of breaches publicly reported and the volume of records breached have declined. Last year at this time, the running count already totaled approximately 27.8 million records compromised and 637 breaches reported. This year, that tally so far equals about 10.6 million records compromised and 483 breaches reported. It's a testament to the progress the industry has made in the fundamentals of compliance and security best practices. But this year's record is clearly far from perfect.



18 November 2013
Article source: http://bluetower.fr

Version 3.0 of the PCI DSS standards goes beyond mere compliance.

"Cardholder data continues to be a target for criminals. The lack of training and awareness around payment security, together with poor implementation and maintenance of the PCI standards, leads to the many security breaches that exist today."
PCI SSC ‘PCI DSS 3.0 Change Highlights’ – August 2013

The PCI Security Standards Council (PCI SSC) has published version 3.0 of the PCI DSS standard and of the standards for payment applications (PA-DSS) concerning the security of debit and credit cards. While losses due to card fraud are not decreasing, it is clear that something must change. This new version aims to move organizations from mere compliance toward greater overall security by sharing responsibility internally and externally. It is therefore more about refining and clarifying the requirements than about introducing new techniques or technologies to
