The General Data Protection Regulation (GDPR) is a regulation requiring businesses to protect the personal data and privacy of European Union (EU) citizens for transactions that occur within EU member states. Every company conducting business within the EU will need to comply to these strict new rules by May 25th which will likely cause concerns and heightened expectations for security teams due to the broad, yet stringent nature of the GDPR requirements.
The Payment Card Industry Security Standards Council (PCI SSC) has published a new version of the industry standard that businesses use to safeguard payment data before, during, and after purchase. PCI Data Security Standard (PCI DSS) version 3.2 replaces previous versions in addressing the growing threats to customer payment information.
During a recent data security expo hosted by Taiwan’s Presidential Office, 54 malware-infested thumb drives were handed out to the public by the Criminal Investigation Bureau. These infected USB sticks were among the 250 drives the bureau gave to winners of a game about cybersecurity knowledge at their exhibit.