http://pandasecurityus.wordpress.com/2008/03/20/regulatory-compliance-the-real-risk-of-undetected-malware/ Thu, 11 Sep 2008 19:07:34 +0000 http://wordpress.com/ hourly 1 http://pandasecurityus.wordpress.com/2008/03/20/regulatory-compliance-the-real-risk-of-undetected-malware/#comment-117 Atonomy of a data breach « Sun, 04 May 2008 18:08:50 +0000 http://pandasecurityus.wordpress.com/?p=50#comment-117 [...] Take for example an organization that has been PCI compliant for years, but suffered a data breach that involved hackers placing targeted malware on credit card processing servers at a major retailer. The question the security team has to ask themselves ”Why didn’t my current anti-virus solution detect the threat”? I have an interesting hypothesis on this subject that can be found in the article “Regulatory Compliance and the Real Risk of Undetected Malware.” [...] [...] Take for example an organization that has been PCI compliant for years, but suffered a data breach that involved hackers placing targeted malware on credit card processing servers at a major retailer. The question the security team has to ask themselves ”Why didn’t my current anti-virus solution detect the threat”? I have an interesting hypothesis on this subject that can be found in the article “Regulatory Compliance and the Real Risk of Undetected Malware.” [...]

]]>