The PCI Security Standards Council has published a new version of its data security standard that calls for ending the use of the outdated Secure Sockets Layer encryption protocol that can put payment data at risk.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.
Experts debate the value of new PCI guidance for how businesses should use penetration testing to identify network vulnerabilities that could be exploited for malicious activity. Does the new advice go far enough?
Although breaches affecting U.S. retailers are widely reported, Verizon's new PCI Compliance Report shows increases in the theft of payment card data and other personal information span numerous industries in all international markets.
Despite commitments by leading payment card brands to enhance security, some critics say the White House cybersecurity summit produced no specifics for how the public and private sectors will curb cyber-fraud.
Data breaches are inevitable, hence it's up to executives to ensure their enterprise is secured, without trying to encrypt everything, warns Prakash Panjwani, president and chief executive officer of SafeNet.
U.S. card issuers and retailers agree tokenization has to be part of the country's EMV migration. But making investments in tokenization won't make sense for merchants until a universal, open standard for tokenization is developed.
In new guidance from the PCI Council, its leaders outline why businesses that handle card data need to address employee education. Here, experts explain why this guidance is a positive step for card security.
As a result of the Home Depot breach, which compromised 56 million cards, credit unions have spent nearly $60 million dealing with card reissuance and fraud costs, according to the Credit Union National Association.