While many banks and merchants in Britain, France and Germany have long complied with the PCI Data Security Standard, deregulation has led organizations in other European countries to start taking PCI compliance more seriously and use it for competitive advantage.
There's often a dangerous trade-off made between convenience and security. That's illustrated no better than by a recent issue patched by Microsoft. It's an attack so devilishly smooth that it's a wonder hackers had not figured it out before.
The release this week by the PCI Security Standards Council of a new PCI compliance resource for small merchants is being lauded by the banking and payments community. But how effective will the resource be at actually convincing merchants to move forward with PCI compliance?
Ten years after the launch of the PCI Data Security Standards Council, the key to ensuring ongoing compliance with the PCI Data Security Standard is winning CEO buy-in worldwide, says Stephen Orfei, general manager of the council.
Achieving international acceptance of PCI-DSS is an ongoing challenge, says Jeremy King, international director of the PCI Security Standards Council, who's working to educate merchants about baseline security that goes far beyond cardholder data protection.
While PCI compliance is a priority for many U.S. retailers, some major companies in Australia say they'd rather forego the cost of compliance and risk the possibility of steep fines if a card breach occurs.
As the PCI Security Standards Council celebrates its 10th anniversary, Troy Leach, the council's chief technology offer, offers his assessment of how its Payment Card Industry Data Security Standard could evolve in the next 10 years.
As we prepare to mark the tenth anniversary of the PCI Security Standards Council, it's time to assess the impact PCI-DSS has had on payments security and consider whether it will remain a viable standard 10 years from now. A series of upcoming reports will address these topics.
Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.
Health insurer Anthem, the victim of a massive hacker attack, failed in its effort to persuade a court to allow it to inspect certain customers' computers to help it fight a class-action lawsuit tied to the breach. Why did Anthem make the move? And what issues does it raise?
Revelation of 321 attempts to place ransomware on federal government computers in the second half of last year raises a number of questions about the effectiveness of the Einstein intrusion detection and prevention system as well as how the government responds to such attacks.
PCI DSS 3.1 is scheduled to become effective as of June 30, 2016, and with that comes several changes - and challenges for security professionals. In an interview, Dell's Tim Brown discusses why network security is instrumental to ultimately meeting PCI DSS 3.1.
The PCI Security Standards Council envisions a single, globally-unified data security standard. Now that the European Card Payment Association is a strategic regional member, that goal is significantly closer, says Jeremy King, the council's international director.
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.