An Information Security Management System (ISMS) is a security framework comprised of policies, processes and the management of technologies to address an organisation’s information security requirements.
Category: Compliance
Using Sampling To Ensure Effective Audit, Certification and Accreditation.
Highlights from the Verizon 2014 PCI Compliance Report
Verizon has published its 2014 PCI Compliance Report, which can be downloaded from here. Like their Data Breach Investigation Report (DBIR) it is an excellent piece of research and provides insight into the challenges associated with complying with the Payment Card Industry’s Data Security Standard (PCI DSS) v2.0.
Axenic selected for NZ all-of-government ICT Security and Related Services Panel (SRS Panel)
Privacy Breaches – Carrot or Stick?
Interesting article in the NY Times here
It discusses the loss of an unencrypted laptop by a NASA employee that contained the confidential details of 10,000 employees including names, birth dates, social security numbers and, in some cases, personal information from background checks.
Compliant Does Not Equal Secure.
On the 30 March Global Payments Inc. announced that it had suffered a data breach that had led to the Track 2 (i.e., the primary account number, expiration date, service code, PIN and CVV number) data of approximately 1.5 million credit cards being “exported” from its North American payment processing system.