The launch of the Payment Card Industry Data Security Standard (PCI DSS) has helped expose serious security shortcomings. The IBM System i (AS/400) presents its own unique set of challenges when it comes to PCI compliance. Read this white paper to learn the following:
How the standard relates to the AS/400
How to...
Banking institutions must conduct appropriate security risk assessment and mitigation on all software applications, regardless of whether developed internally, by a vendor or by outside developers.
This is the key point of a recent bulletin from the Office of the Comptroller of the Currency, which regulates and...
Just when you thought PCI deadlines were behind you ...
The deadline for compliance with the Payment Card Industry's Data Security Standard DSS (PCI-DSS) 6.6 requirement is June 30. This requirement describes security steps that are intended to address threats to web applications.
But industry analysts project...
As financial institutions continue to migrate their services and operations online, the Office of the Comptroller of the Currency reminds national banks and their technology service providers about the importance of application security as a component of an information security program.
A new OCC bulletin...
Let's cut to the chase: PCI compliance for retailers, banks and service providers is hard.
Michael Gavin, security strategist at Security Innovation, a PCI QSA and ASV assessment firm, offers his insights on PCI compliance struggles, i.e. the Hannaford breach, and the reality that there is no absolute security. A...
Most companies keep sensitive personal information in their files-names, Social Security numbers, credit card, or other account data-that identifies customers or employees. This information often is necessary to fill orders, meet payroll, or perform other necessary business functions. However, if sensitive data falls...
According to Gartner, 2006 was the worst year for application hacking. But not for the largest US online banks - cyber attacks against applications actually dropped.
Banks, often the biggest target of cyber attacks, have set an example for responsible security strategies. According to the Javelin Strategy and...
Ten Steps for Safeguarding Critical Data
PCI and GLBA require that you guard critical customer and cardholder data. But to manage threats successfully while meeting these compliance challenges, organizations need a security strategy that can successfully do battle with inside as well as outside threats. Now, there is...
New Application Security Regulations: Build Compliance In
History has shown: regulation follows breaches. With over 215 million data records exposed since 2005, the PCI Data Security Standard (PCI DSS) is fast becoming the standard of data security due care. This is effective guidance not only for financial services...
Since January 2005, over 167 million credit card numbers have been exposed due to security breaches. Many of the most damaging breaches were the result of hackers exploiting flaws in software. With the PCI Security Standard Council's regulations recently expanding to include specific mandates to assess software for...
The focus on information security is not just a passing phase”we have seen it sustained over the past couple of years, and it continues to grow. So you can now begin to place yourself in a position to become that ideal security professional as this role evolves and expands more so for banking and financial...
Given the high cost of containing information security breaches, financial institutions have invested lots of time and money into developing incident response programs. But how do they know if their program is working properly?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.