Leading the latest edition of the ISMG Security Report: Assessing cryptocurrencies' role in the latest ransomware and malware attacks. Plus: Facebook's revised estimate on account details accessed by Cambridge Analytica.
The Secure Payments Task Force was established by the Federal Reserve Bank in 2015 in part to determine areas of focus and priorities for future action. Jim Cunha, a member of that task force, talks discusses how to advance payment system safety, fight fraud and ensure resiliency.
Panera Bread appears to have failed to fix a customer data leak for more than eight months after getting a heads-up from an independent security researcher. Here's what others should learn from the bakery café chain's mistakes.
Department store chains Saks Fifth Avenue, Saks Off Fifth and Lord & Taylor have suffered a data breach that apparently exposed details on 5 million payment cards. Cybersecurity firm Gemini Advisory says the JokerStash syndicate - aka Carbanak gang - is selling the stolen card data.
Vendor risk management is becoming more critical as companies rely more on partners who have access to payment card data and other sensitive information, says Ramon Lipparoni, IT integration manager at ComAir, a South African airline. One critical step, he says, is conducting impromptu vendor audits.
As mobile payments continue to grow in South Africa, it's important that application developers build security into their apps and correctly implement tokenization standards, says Jeremy King, international director of the PCI Security Standards Council.
With the explosion of laptops, IoT, tablets, smartphones and other smart technologies, endpoints are the single largest group of devices inside your network today. Managing all of your assets and their software requires three foundational steps.
Security experts analyze the potential impact of recently announced changes to the PCI Security Standards Council's Qualified Integrators and Resellers Program that are designed to help smaller merchants prevent breaches.
Facebook CEO Mark Zuckerberg broke five days of silence as pressure intensifies on Facebook to account for a data leak to a voter-profiling firm that worked for the Trump campaign. In a lengthy blog post, Zuckerberg has pledged to make changes to better protect personal data. But is it too late?
A new standard from the PCI Data Security Standards Council could help ease the way for smaller merchants worldwide, especially in developing nations, to move to cashless payments using a variety of devices, says Troy Leach, CTO for the council, who spoke last week at a conference in South Africa.
Al Pascual of Javelin Strategy and Research discusses a new report that shows that while crypto wallets may be considered to be at the sharp end of payments innovation, the security vulnerabilities they face are much the same as those that already exist in digital banking and payments.
Developing nations that are moving to digital payments, especially for the unbanked, need to keep in mind security lessons already learned in other markets, including Europe, says Steve Marshall, founder at Risk-X, a U.K.-based audit and risk assessment consulting firm.
The PCI Security Standards Council is offering 40 percent lower fees for participating organizations in nations with lower-income economies. "We want to encourage countries in Africa and South Asia to get engaged with us," Jeremy King, international director at PCI SSC, tells ISMG in an exclusive interview.
If you browsed the latest security headlines, you'd probably think the majority of data breaches were related to hackers, political activists, malware or phishing. While the latter two hint at it, the truth is that nearly half of all data breaches can be traced back to insiders in some capacity.
As banking institutions of all sizes maximize their digital channels, there is growing tension between the need to prevent fraud and the desire to maintain a frictionless customer experience. IBM Trusteer's Valerie Bradford discusses how to defuse this tension.