Blogs

Showing Blog Posts: 1–6 of 6 by Fahmida Y. Rashid

  • Compliance is Not Supposed to be Security

    by Fahmida Y. Rashid on September 17, 2014

    With all the high-profile data breaches at major retailers over the past few months, it’s really tempting to write off PCI DSS as being ineffective. It’s clearly not working, since the security standard clearly didn’t protect these companies from attack. Then again, perhaps we are looking at the standard all wrong. Businesses—and often auditors—measure their security effectiveness against PCI DSS…

  • Thinking About Compliance in September

    by Fahmida Y. Rashid on September 5, 2014

    Compliance is one of those never-ending things. If the organization is not in the middle of an audit, then it is either reviewing its results or preparing for an upcoming one. That isn’t a bad thing, since the point is to be always compliant, not just sometimes. Unfortunately, compliance has a bad reputation because those regulatory activities can be so time-consuming. It may be frustrating to…

  • Understanding PoS Malware Infecting Retailers

    by Fahmida Y. Rashid on September 3, 2014

    By now you should be aware that cyber-criminals have struck at home improvement giant Home Depot and walked off with payment card details for millions of shoppers. Brian Krebs, who first reported the breach on Tuesday, believes nearly every single Home Depot location has been affected, and that attackers have been stealing payment card details for several months. If true, the breach at Home Depot…

  • Risks of Not Fixing the Heartbleed Flaw

    by Fahmida Y. Rashid on August 22, 2014

    By now you’ve seen reports about the data breach at Community Health Systems where attackers stole non-medical records for 4.5 million patients, and how attackers targeted the Heartbleed flaw to get on the network. This should be a warning to IT admins: Did you fully address the bug in your own networks? "Unless fully remediated, Heartbleed leaves open doors for attackers to extract data, including…

  • It's August; Let's Talk Budgets

    by Fahmida Y. Rashid on August 5, 2014

    The year's halfway mark has just passed, which for many information security professionals means it's time to think about the end of the year and plan for next year. This month, we will talk about what this halfway point means for current security initiatives and how they affect upcoming budget discussions. It's never too early to evaluate the status of existing projects and initiatives and to…

  • Talking Security, Online - Continuing the Conversation

    by Fahmida Y. Rashid on July 9, 2014

    Information security professionals tend to be smart, savvy, and quite opinionated. They are the guardians, protecting the network and information. They are warriors, using whatever tools are at hand to fight threats. They have interesting stories, and it is my privilege to tell them. The experts in the field are many, including researchers, developers, administrators, managers, and executives, …

This document was retrieved from http://www.rsaconference.com/blogs/by/145/rashid on Thu, 18 Sep 2014 01:41:21 -0400.
© 2014 EMC Corporation. All rights reserved.