A class action suit against breached restaurant chain P.F. Chang's China Bistro is unlikely to succeed, some security experts say, because proving consumer losses linked to specific merchant data breaches is difficult.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
P.F. Chang's confirmed card breach has renewed debate about the state of security at U.S. merchants. The PCI Council's Bob Russo says that while there has been progress in recent months, the retail industry still has a long way to go.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
In many if not most enterprises, the chief information security officer reports to the chief information officer. After all, enterprises cannot function without IT, and security is a support function to safeguard data and systems. Or is it?
A class action lawsuit filed by two banks against Target in the wake of its 2013 breach has an unusual twist: It seeks damages from Target and Trustwave, allegedly the retailer's qualified security assessor. Experts offer an analysis.
Banking institutions should be evaluating zero-day vulnerability risks posed by Microsoft's dropping of support next month for Windows XP. But experts say their biggest concern should be how those vulnerabilities will affect customers and vendors.
In the second full day of RSA 2014, ISMG's editors record exclusive video interviews with Troy Leach of the PCI Council, Adam Sedgewick of NIST and Gartner's Avivah Litan. What insights do these thought-leaders share?
Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.
As Congressional leaders look for answers about why U.S. card security is failing, there hasn't been enough discussion surround why EMV can't easily fix our system. And the card brands have been conspicuously absent from the debate.
The PCI Security Standards Council has no plans to modify its standards for payment card data security in response to high-profile payment card breaches at Target and Neiman Marcus, says Bob Russo, the council's general manager.
Target Corp.'s revelation that personal information about up to 70 million customers was breached in a recent malware attack raises new questions about Target's security practices and risks to consumers.