In response to the complex and global threats faced by the cardholder ecosystem, Visa Inc recently announced worldwide deadlines for PCI DSS Compliance.  "Compliance with PCI DSS is vital to ensuring the integrity of the global payments system," said Eduardo Perez, head of global data security, Visa Inc.  "Aligning compliance programs across the Visa regions is the latest step in our commitment to safeguarding cardholder data."

I attended RSA Conference Europe late last month, which – as always – is an amazing event. The theme of the Conference was focused on Alan Turing, who is often called the father of modern computer science. One particular perk at the venue was the public display of the Enigma machine – believed by the German forces during WWII to be impenetrable.

Click to Download/Listen (07:52)

This week's Speaking of Security podcast features an on-the-scene report from the Gartner Identity and Access Management Summit, one of the key shows on the security event calendar. The Summit was held last week in Orlando, Florida.

We’ve been getting a good few questions recently about how many Events Per Second a SIEM product support. Well, that depends on a few factors:

• The transport – processing Syslog events takes up a heck of a lot less processing power than collecting from a Windows box. Same with collecting data over an ODBC connection.

RSA has marked a McDonald’s-like landmark, quietly— over one billion applications and devices are now embedded with RSA ® BSAFE® security software. No numbers changed under ubiquitous golden arches to mark this monumental achievement, but it did get me thinking on how deep an impact RSA BSAFE has had in the broad industry sectors as well as at EMC in particular…

Given the seriousness of the financial crisis, growing job losses and the continued meltdown of global stock markets, it’s hard to imagine that the incoming Obama Administration or new U.S. Congress will be able to focus on much else during the first several months of 2009.  When they do tackle other issues, healthcare reform, tax policy and energy policy are likely to emerge at the top along with national security priorities.  Not to mention that many FY2009 spending bills still need to be approved by Congress and signed by the President as well, although that is expected to happen by March 2009 at the latest.

So where does this leave cyber security issues? 

Innovation in Security is a theme that we at EMC and RSA strongly believe in— it was central to my keynote speech at the NCA Security and Technology Conference in Seattle on the 29th of October. Yet, as the day progressed, I could not help but think of how extensively we need to innovate in our security deployments, to enable vibrant new information exchange capabilities, and to sustain the rapid changes in our information-centric lifestyles.

And are we being hit with Change!
Carlos Dominguez, the SVP at Cisco, spoke to the profound impact of Web 2.0 and TelePresence [TP] technologies on our business and social lifestyles...

In recent security briefings, I’m often asked: “Should I protect sensitive information on my laptop by encrypting my laptop?”

My advice is to first ask WHY?  Why do you as an employee have the business or security justification to transfer and store sensitive PII: (personally identifiable information) onto your mobile device?   (A little of asking who, what, where and when about your information will help here too).