The recent string of breaches at prominent retailers such as Target and Neiman Marcus demonstrated that too many organizations still falsely equate PCI compliance with comprehensive security. Fully compliant organizations are being hit with attacks that compromise payment card data on a regular basis.

Smack in the middle of the holiday shopping season, Target was hit with a malware attack that infiltrated its point-of-sale systems and enabled the theft of credit card numbers and personally identifiable information from more than 70 million shoppers.

As is often the case in the technology industry, the details surrounding security information and event management can be a little unclear. While vendors may offer solutions of varying complexity, there is still a basic idea behind most SIEM products…

When Edward Snowden leaked the details of the National Security Agency’s PRISM program to the media, it resulted in a large public outcry and lot of unwanted attention. This doesn’t mean that system administrators should treat all of their contractors as the next Snowden, but it highlights the importance of ensuring that contractors, as well as employees, are sufficiently monitored and aware of how they are allowed to use company data.

World-renouned security expert provides suggestions for ways you can "spruce up" your security configuration.

Image Many organizations have the requirement to reduce the number of profiles to which special authorities—especially *ALLOBJ specially authority—have been assigned. In many cases, the excess capabilities can simply be removed because they aren't required for the person to perform their job functions. *SAVSYS special authority is a...