Tripwire announced the results of research on risk-based security management in the retail industry, and the news isn't good: the majority of the retail sector is yet to implement to the new PCI standards.
ManageEngine announced enhancements to its firewall security and configuration management software, Firewall Analyzer, and to EventLog Analyzer, its log management and IT compliance software for SIEM.
Without adequate controls to manage store systems and the increase in number and variety of devices – retailers can expect security costs to continue to increase rapidly.
The PCI Security Standards Council (PCI SSC) published PCI Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) 3.0 change highlights, as a preview of the new version of the standards coming in November 2013.
The need to ensure compliance with regulations should no longer be the primary consideration of CIOs when planning IT risk and security measures.