Let's cut to the chase: PCI compliance for retailers, banks and service providers is hard.
Michael Gavin, security strategist at Security Innovation, a PCI QSA and ASV assessment firm, offers his insights on PCI compliance struggles, i.e. the Hannaford breach, and the reality that there is no absolute security. A...
Diana Kelley, partner at Security Curve, an information security advisory company that performs PCI audits, shares her insights into the PCI issues facing both financial institutions and retailers.
Kelley, a former information security analyst at Burton Group, was previously an information security advisor at top...
With the recent Hannaford data breach, the Payment Card Industry Data Security Standard (PCI-DSS) has come into question - how effective is it really?
Bob Russo, general manager of the PCI Security Standards Council, recently shared his views on what happened at Hannaford, as well as other topics.
The hackers that broke into Hannaford Brothers, a northeast U.S. grocery chain, may have spawned other attacks, including one at Okemo Resorts in Ludlow, VT. As law enforcement and forensic experts continue to sift through the evidence of these attacks, the retailer and the ski resort remain mum on further...
The price tag for The TJX Companies, Inc. (NYSE: TJX) to settle with MasterCard and its card-issuing banks is $24 million. This settlement, announced this week, comes on the heels of the TJX settlement with the Federal Trade Commission in late March.
While many in the industry see the FTC's settlement (no fines, but...
It has been more than six months now since the June 30, 2007, deadline for companies to show that they are in compliance with the Payment Card Industry Data Security Standards (PCI-DSS). To gauge the level of compliance and relative success of PCI-DSS, we recently caught up with Chris Farrow, Board Member at PCI...
If 2007 is any indication, then 2008 is going to be a wild year for financial institutions facing a slew of risk management issues.
Hanging like the sword of Damocles above all is the subprime mortgage crisis, which sees institutions looking for ways to avoid foreclosures and challenges surrounding underwriting....
You've seen the biggest stories and security incidents of 2007. Now here's a list of the most popular federal agency releases and regulations of the year.
The TJX data breach. The Bank of India hack. The San Diego County wildfires. It's been a year full of memorable disasters - and some notable recoveries and regulations, too.
As we reflect on the biggest stories of 2007, it's clear that bad news was big. Some of our most popular stories were about Commerce Bank,...
The TJX Companies, Inc. (NYSE: TJX) may have agreed to pay more than $40 million in a recently-announced settlement with Visa, but the collateral damage might have been significantly worse had the case gone to trial and revealed details of the security/compliance conditions that allowed customer data to be breached....
The TJX Companies, Inc. (NYSE: TJX) and Visa have announced that TJX has agreed to fund up to $40.9 million for payments to certain financial institutions following the much-publicized data breach of its computer systems.
Information Security Media Group recently attended the BAI Retail Delivery Conference 2007 in Las Vegas. Our correspondents covered the expo floor from a vendor point of view, and we spoke with a number of vendors who had products or services specific to information security. In general, the vendors that had some sort...
ELAN WINKLER: If you take a look at just complying with HIPAA as an individual project, and then worry about how you are going to comply with SOX, and then worry about how you are going to comply with PCI, you are doomed to fail. If you look at compliance as an individual project it ain’t going to work;...
Featuring Elan Winkler, Director of Messaging Product Marketing, Secure Computing
Listen to this interview for insights on how to create a "culture of compliance", building the right systems, processes and skills to solidify your regulatory compliance program today - and for the future.
Among the topics...