Federal security managers expect that most federally run systems are actively engaging with FISMA compliance for protecting federal data and systems. However, as we all know, federal information does not remain only in federally operated systems. Data and IT systems connect via the Internet and other networks for business, operations and research. Information about citizens,...

The Payment Card Industry Data Security Standard (PCI DSS) was created to help organizations that process credit card payments, secure the cardholder environment to prevent credit card fraud, cyber threats and other security vulnerabilities. The latest version, 4.0, provides specific security guidance on handling, processing, transmitting and storing credit card data to...

There is a misunderstanding that if you are compliant, you are secure. This isn’t the case. For example, adhering to PCI DSS v4.0 will only allow you to tick the box to say you are PCI compliant in that moment. It gives you a snapshot in time of where you are in your compliance journey. But it won’t prevent your company from suffering a breach—along with incurring fines and...