It’s hard to believe that over a decade has passed since PCI DSS (Payment Card Industry Data Security Standard) was first introduced in 2004 as the information security standard for organizations that store, process or transmit cardholder data. Although it’s become a mature industry standard, two problems remain.
While many biometric modalities have been tried at the ATM, fingerprint biometrics has become one of the most widely used, partly because of its long history, but more importantly for its ease of use, performance, interoperability, ability to thwart imposters and low cost.
After the leak of the Panama Papers and a string of ransomware attacks, will these new developments lead to new priorities for lawyers, doctors and enterprises at large? Can financial losses or the damage to the reputation of a health system or law firm lead to a new sense of urgency to update accepted security practices and even codes of conduct with hospital data? Will regulatory bodies mandate more training for these two distinguished professions that have largely opted out of serious cybersecurity training up until now?
DOJ and SEC statements driving CCO concerns over changes in compliance regulations and scrutiny
April 18, 2016
Eighty-one percent of compliance officers have increased apprehension when it comes to their personal liability in situations of corporate misconduct, according to a new survey released by law firm DLA Piper. This uneasy adjustment stems from shifts in tone from Washington, DC, including the appointment of Hui Chen as the Justice Department’s first compliance counsel, and the release of the Yates Memo outlining a plan to prosecute individual corporate employees and incentivize reforms, according to the 2016 Compliance Risk Report: CCOs Under Scrutiny.
For the next generation of enterprise security leaders, is there a clear path forward to success? Enterprise security leaders discuss mentorships, education, certifications and the skills new CSOs and CISOs will need to succeed in their evolving roles and bring value to the business. But the problem is: with existing security leadership roles varying so widely, is the development of a uniform skill set even possible?