The National Institute of Standards and Technology has issued new guidance for designing cryptographic key management systems that describes topics designers should consider when developing specifications.
Malware attacks against retailers are becoming more common. Many breaches linked to these attacks could be prevented, experts say, if merchants took more steps to lock down networks and point-of-sale devices.
This 2012 Global Encryption Trends Report, based on the independent research by the Ponemon Institute, reveals that encryption continues to be viewed as a strategic issue and that organizations are increasing their investment in encryption across the enterprise in response to compliance regulations and...
When do you want to use tokenization over encryption? How do these two technologies help you address security issues, and which is suitable for compliance? How do you decide which is better? You'll find the answers in this independently researched white paper written by data security analyst firm Securosis which helps...
In notifying customers of a breach, the online archiving service Evernote might have confused some customers by sending them an e-mail that contained a clickable link to be used to reset passwords - despite warning against using such links.
QCR Holdings, a bank-holding company in Illinois, is moving to a new provider for commercial online banking. Why? To ensure QCR's banks conform to the FFIEC's updated authentication guidance, says CTO Michael Wyffels.
Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.