A Best Practice Blueprint for eGRC
Recorded: May 26 | 2015 Play
With the increased regulation and scrutiny of the past decade, it is important for organizations to maintain best practices in order to control and achieve compliance with evolving regulatory requirements.
Understanding EMV, End-to-end encryption, and Tokenization
Recorded: March 19 | 2015 Play!
Data breaches are a widespread problem with over 1.1 billion records compromised in the last 10 years. According to the Verizon 2014 Data Breach Investigations Report, the vast majority of breaches occurred against small to mid-sized companies.
Preparing for PCI DSS 3.0 and VISA Mandates
Recorded: February 19 | 2015 On-Demand!
The clock is ticking for enterprises that have not yet upgraded their payment card processing systems to be compliant with Payment Card Industry Data Security Standard (PCI DSS) 3.0. As the Jan. 1, 2015 mandatory deadline approaches, there is increasing urgency to not only understand the most important changes in PCI DSS 3.0, but also to be ready for a rigorous QSA assessment against those changes. Since PCI 3.0 is bigger, harder and more expensive than the previous iteration, merchants have their work cut out for them.
Top Guidelines for Hadoop Security and Governance in 2015
Recorded: January 21 | 2015 Play
In 2015 the size of the digital universe will be tenfold what it was in 2010. Large-scale data breaches are on the rise across all sectors, and enterprise data security initiatives must evolve to address new and growing threats. Consumer transactions, personally identifiable information, customer records, and the like, all flowing together into the Hadoop 'data lake', will enable critical business insights but also means Hadoop installations will be a rich target for cyber-crime.
Top Security Guidelines for EMV and Mobile Payments in 2015
Recorded: December 4 | 2014 Play
More than 100 million Americans have lost personal information in a data breach over the last year, and identity theft is the fastest growing crime in the US. As a result, President Obama has launched a government initiative to support the US migration to EMV and improve information sharing on cyberfraud threats, and nearly half of US merchant terminals are expected to accept EMV cards by the end of next year.
Don't Be the Next Headline: Data Security Best Practices for 2015 and Beyond
Recorded: November 4 | 2014 Play
Albert Einstein once observed: "Technological progress is like an axe in the hands of a pathological criminal." His words were eerily prophetic of the continuous news of data breaches in the retail and banking sectors.
Securing Hadoop – the Data-Centric Approach
Recorded: October 1 | 2014 Play
If you're embarking on Hadoop adoption you know that sensitive customer and corporate data will be in the ecosystem – transactional data, intellectual property, customer files, and more. As Adrian Lane of Securosis has noted, "High quality data produces better analysis results—which is why a key ingredient is sensitive data." Now the question becomes how to keep sensitive data secure as it moves into and beyond Hadoop, and—most importantly—how to protect the data but still make it accessible by many different users with varying analytic needs and ad-hoc processes.
The Case for Building Your Own Secure, Compliant Cloud
Recorded: September 24 | 2014 Play
What is driving expansion to the cloud? In most cases, it's cost. But for many enterprise IT organizations, it is about agility, efficiency, and productivity.
Panel: Why EMV is Not the Only Answer to Payment Security
Recorded: September 16 | 2014 Play
2013 was the worst year yet in terms of data breaches, with over 740 million records exposed, and 2014 is shaping up to be more of the same. Security analysts estimate the costs of the data breach that hit U.S. retailer Target are approaching half a billion dollars for the company. The total cost of the breach including losses incurred by banks, consumers and others–could easily reach into the billions of dollars, and the incidents continue in the food industry, state government, and other sectors.
Compliance Does Not Equal Security – A Risk-Based Plan for ePHI Protection
Recorded: August 20 | 2014 Play
With the emergence of big data healthcare analytics, electronic health information exchange, clinical data warehousing, and other technologies for optimizing patient care, the healthcare industry has never been more reliant on electronic data and the strict requirements associated with the data. The advances in business processes, technology and regulations require that data security initiatives evolve to address new and growing threats. Coincidentally, in a recent survey, 69% of organizations felt that provisions of the Affordable Care Act (ACA) have the effect of increasing or significantly increasing risks to patient privacy and security.
EMV & Payment Security: Evolving Beyond the Mag Stripe
Recorded: July 15 | 2014 Play
Everything changed six months ago. The Target data breach caused us all to rethink payment security. The U.S. transition to EMV chip and pin cards, is around the corner. Tune into this webinar for a complete update on where EMV is today – lessons learned from Europe and Canada's experience of EMV adoption, and the latest about the liability shift in the U.S. How and when will EMV be augmented by new approaches to card data in mobile wallets, online, and at the point of sale?
Data Is the Heart of Your Organization. Keep It Safe in the Cloud with the Right DR Strategy
Recorded: May 29 | 2014 Play
The state of business continuity and disaster recovery planning is dismal in most organizations and nonexistent in many. Most plans in place simply don't work. This is not surprising since disaster recovery hasn't been a priority among CIOs, until now, as cloud for disaster recovery is now a viable and more cost-effective option for organizations.
A New IT Approach to GRC for Business Innovation
When: July 23 | 2014 Attend
The burden of the existing day-to-day IT workload has never been greater and continues to grow. The recent financial scandals and high profile data breaches have raised scrutiny to unprecedented levels. This scrutiny, together with new legislative changes, has resulted in an array of new compliance measures and related challenges, which have led to a melting pot of complexity that has seen organizations increase spend simply to 'keep the IT maintenance lights on'.
Rethinking Email Security: Best Practices to Protect and Maintain Private Communications
Recorded: May 6 | 2014 Attend
2014 has been called "The Year of Encryption." The recent data breaches, personal identity theft cases, email snooping concerns, and a serious, far-reaching software vulnerability (i.e., Heartbleed) have put a spotlight on the importance of protecting sensitive data, both inside and outside the enterprise. Email is invaluable to enterprises. It's the easiest mode of communication which also makes it an easy target for data theft.
The New Data De-identification: Enabling Business Agility while Protecting Data Assets
Recorded: April 23 | 2014 Attend
Let's face it, there's unrelenting pressure on IT to enable competitive advantage through new technology and use of data assets‒-but the business is driving initiatives that can push sensitive production data into more and more exposed areas. The key question is 'How can you enable the business to be agile AND take a more proactive, programmatic approach to security at the same time?' With the advanced threats that are pervasive today, it's becoming increasingly dangerous for organizations to deploy new technologies and processes, and then reactively address the implications for data security in the ecosystem. You need a blueprint to reverse this trend in your organization.
Lessons Learned From the Target Data Breach
Recorded: March 18 | 2014 Play
In December 2013, US retailer Target suffered a high profile data breach at the hands of a cybercriminal group, who infected its point-of-sale (PoS) terminals with malware to steal the details of around 110 million customers. Marcus Group's systems were also compromised recently and crooks made off with customer card details, while several other merchants are reported to be preparing to go public with their own breaches.
Third-Party Compliance: Managing Website Data to Reduce Corporate Risk
Recorded: February 5 | 2014 Play
Providing services and features to website visitors often requires deploying many third party service providers for analytics, marketing, payment processing, and data management. Managing risk from these third parties is vitally important in a landscape filled with new threats and regulations. The nature of these relationships requires that information be shared, and risk accrues whenever sensitive information is shared with or processed by third parties.
How to Achieve Compliance and Secure the Public and Private Cloud
Recorded: December 5 | 2013 View
New initiatives such as cloud computing are imposing significant security risks on the corporation, network, IT and the day to day activities of the business. How do businesses maintain compliance, control and ownership of sensitive data as they move from the physical environment to a cloud world? The distribution of data onto devices may not be completely controlled by the data owner, and there is liability confusion as cloud service providers take on a larger role. As a result CIOs are looking at technologies and strategies to assure security while delivering the required services.
PCI DSS 3.0 - What the Changes Mean for Your Organization
Recorded: January 21 | 2014 Play
The official release of PCI DSS v3.0 is here, now what? Voltage Security have invited a PCI DSS QSA to assist you with your PCI challenges by providing recommendations on how to execute a seamless upgrade from PCI DSS version 2.0 to 3.0. Find out why it's no longer acceptable to strive for compliance over real-time security. And learn how the new standard brings a whole new meaning to 'business as usual'.
Panel Discussion: Navigating PCI Security Mountains in the Cloud
Recorded: November 6 | 2013 View
Organizations outsourcing card data to the cloud face significant security risks. Storing, processing and transmitting cardholder data in the cloud brings the cloud environment into scope for the PCI Data Security Standard (PCI DSS). And as soon as an organization adds other players to the offsite card-management mix, ensuring compliance with the PCI DSS becomes increasingly challenging.