PCI DSS

59d9b46aa00c70238bb89056cfeb96c0

Lessons from a Soccer Manager for the Compliance Practitioner

January 21, 2014 Added by:Thomas Fox

Compliance leadership can take many forms and inspiration can come from many different sources.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Why The Paradigm Must Change

January 21, 2014 Added by:PCI Guru

The Target, Neiman Marcus and the potential other breaches of retailers to come should be a learning moment for all of us to demand that the card brands change their business paradigm to one that is more secure.

Comments  (0)

C9f10ffa24531c96d85e0445499fd1e4

Target and Neiman Marcus Breaches Renew Issues Regarding PCI Lawsuits

January 16, 2014 Added by:john melvin

We have no way of knowing right now what the causes of the recent Target and Neiman-Marcus data breaches are. It just raises the same questions of: does compliance with PCI standards mean that everything is secure against attacks? If an application is compliant, is that enough? It doesn’t seem to be clear whether or not a company can completely “pass the buck” to the developers and maintaine...

Comments  (0)

54b393d8c5ad38d03c46d060fa365773

Security Advisor Alliance, A Nonprofit of Elite CISOs giving back to the community.

November 12, 2013 Added by:Jason Clark

Security Advisor Alliance is a nonprofit group of Top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.

Comments  (0)

C7159a557369b66632c4b54bf746b69e

It’s Here: PCI DSS 3.0

November 08, 2013 Added by:Sean Inman

Today the PCI Security Standards Council (PCI SSC) released version 3.0 of the PCI Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS). Press Release

Comments  (0)

0356a83ecb15c8e33b00560d7bebe47f

What to Expect When You're NOT Expecting: 7 Steps of a Professional Forensic Investigator

October 02, 2013 Added by:Stephen Marchewitz

A brief understanding of the process, time and overall cost of a Card Holder Data. All information contained in this article is for the purposes of awareness and education. If you have experienced a breach, contact a PFI company immediately.

Comments  (0)

219bfe49c4e7e1a3760f307bfecb9954

What PCI Requirements Apply to Us: Tacking a Common PCI DSS Compliance Challenge

August 21, 2013 Added by:Rohit Sethi

Determining which system components fall under PCI compliance can often be problematic for many companies. When it comes to PCI DSS (Payment Card Industry Data Security Standards) compliance assessments, scoping tends to become a major challenge.

Comments  (8)

Ee445365f5f87ac6a6017afd9411a04a

What Magneto's Helmet and Non-ICFR SSAE 16 Controls have in Common

July 04, 2013 Added by:Jon Long

Recently I have had opportunities to observe several auditors defend why they believe the controls contained in their client's SSAE 16 reports are relevant to internal controls over financial reporting (ICFR).

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

Identity & Access Management: Give Me a REST

June 19, 2013 Added by:Simon Moffatt

RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.

Comments  (0)

Ee445365f5f87ac6a6017afd9411a04a

Irregardless, Begs the Question, and SSAE 16 Certified

June 04, 2013 Added by:Jon Long

"Irregardless" is not a word, and is not a substitute for irrespective or regardless. "Begging the question" is a logical fallacy, not a substitute for "...which raises the question...", and there is no such thing as an "SSAE 16 certification".

Comments  (0)

6d117b57d55f63febe392e40a478011f

The Year of the Security Standard

May 09, 2013 Added by:Anthony M. Freed

Often in the security field we hear the question asked, “Who’s watching the watchers?” It occurred to me recently that one might make a similar rhetorical quip about other aspects of our field – in particular, the question of “Who’s standardizing the standards?”

Comments  (0)

D2b743b9ed2d7c357472fa8237d7adaf

Using Least Privilege to Effectively Meet PCI DSS Compliance

April 25, 2013 Added by:Andrew Avanessian

PCI DSS Requirement guidelines certainly reinforce how compliance has hardened from suggestive or advisory directives to true mandates with hefty fines and strict consequences for those failing to take heed.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Conducting Secure Transactions On-the-go with VPNs

March 20, 2013 Added by:Patrick Oliver Graf

The safeguarding of private customer information has become a top priority for many organizations, thanks in no small part to government regulation and industry oversight, as we move toward an increasingly digital world.

Comments  (0)

219bfe49c4e7e1a3760f307bfecb9954

How to comply with PCI DSS 6.3

March 09, 2013 Added by:Rohit Sethi

If you process, transmit or store credit card data in your software then you’re likely subject to the Payment Card Industry Data Security Standard (PCI DSS). One of the most onerous sections of the PCI DSS is requirement 6: Develop and maintain secure systems and applications.

Comments  (0)

0356a83ecb15c8e33b00560d7bebe47f

Passing the New Guidelines on PCI Risk Assessments

March 07, 2013 Added by:Stephen Marchewitz

While PCI DSS compliance has been a requirement for several years now, it’s been fairly subjective as to what a compliant program looks like and how an organization actually goes about it. While that can still look to be the case, here are a few things to consider.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Pre-Authorization Data – The Card Brands Weigh In

January 28, 2013 Added by:PCI Guru

Acquiring banks, for the most part, cannot answer basic questions about the PCI DSS, so we are supposed to believe that they are experts on retention of pre-authorization data based on a company’s vertical market and region? Talk about passing the buck...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »