U.S. card issuers and retailers agree tokenization has to be part of the country's EMV migration. But making investments in tokenization won't make sense for merchants until a universal, open standard for tokenization is developed.
Legislation approved by Congress seeks to cement the long-term role of the National Institute of Standards and Technology in working with industry to develop cybersecurity best practices that critical infrastructure operators can voluntarily adopt.
Congress this week passed four cybersecurity bills, and a commonality among all of the measures is that they strengthen the Department of Homeland Security as a cybersecurity force within the federal government.
For the first time in a dozen years, Congress has passed and sent to President Obama for his expected signature major cybersecurity legislation, including a bill to update the law that governs federal government IT security.
The sponsor of Senate-approved FISMA reform, Tom Carper, says it's not a done deal because the House has a dispute over which committee - Homeland Security or Oversight and Governmental Reform - has jurisdiction over the legislation.
The latest entrant into the password "hall of shame" is Sony Pictures Entertainment. As the ongoing dumps of Sony data by Guardians of Peace highlight, Sony apparently stored unencrypted passwords with inadequate access controls.
Lawmakers and their staffs are working behind the scenes to get one or perhaps two pieces of cybersecurity legislation enacted before the 113th Congress adjourns this month. But passage remains a longshot.
Who hacked Sony? Not us, say the North Koreans, ending days of silence. As Deloitte becomes the latest victim of the G.O.P. gang that's claimed credit, one thing is certain: Sony won't have to buy the movie rights to this hacking story.
A federal judge has denied Target's motion to dismiss a class action lawsuit brought against it by several banking institutions following the retailer's December 2013 data breach that exposed 40 million credit and debit cards.
For the first time since 2010, the FFIEC has released updated guidance about Bank Secrecy Act compliance requirements and money-laundering risks. As a result, a fraud expert says banks should brace for more regulatory scrutiny in early 2015.
Retailers say tokenization and encryption are critical to ensuring payment card data security. Aite's Natalie Reinelt describes how merchants will use layers of security to protect data at the point of capture.
A new U.K. government report accuses social networks of serving as a "safe haven for terrorists," inflaming what some see as tense relations in the post-Snowden era between the British government and Silicon Valley.
The FDIC reveals more details about pending cybersecurity guidance that is expected to address specific types of cyber-attacks. Industry analysts say these new guidelines could signal more frequent updates from regulators.