In the wake of major security incidents such as the Heartland Payment Systems data breach, critics have focused on the perceived flaws of the Payment Card Industry Data Security Standard (PCI) and the role of qualified security assessors (QSAs).
Following are five myths and realities detailed by PCI compliance...
The Payment Card Industry Data Security Standard (PCI) is one of the hottest topics in information security today. And PCI Quality Security Assessors (QSAs) are among the most sought-after of security professionals.
What, then, does it take to become a QSA?
This white paper details how Tripwire IT security and compliance automation solutions help keep the IT infrastructure in a continuously PCI-compliant - and secure - state.
Tripwire Enterprise does this with a compliance policy for PCI, file integrity monitoring, real-time analysis of change and easy access to...
It has now been one year since the Heartland Payments System breach was made public. What lessons have been learned and what more needs to be done to improve the security of the payment industry?
We asked four information security experts for their take on Heartland: One year later.
A group of seven restaurants in Louisiana and Mississippi has filed a class action lawsuit against point-of-sale vendor Radiant Systems and its distributor Computer World.
The suit claims that hundreds of customers had their identities stolen because the restaurants were sold payments terminals that were not PCI-DSS...
Since the Heartland data breach was announced in January, there's been no shortage of discussion about the Payment Card Industry Data Security Standard (PCI DSS) and its requirements of merchants and payments processors.
But what about financial institutions?
Banks and credit unions store large amounts of...
I was stunned and saddened to learn of the sudden death of David Taylor, one of the most prominent thought-leaders on the Payment Card System Data Security Standard (PCI).
Of all the compliance regulations, mandates and guidelines, you're most likely to encounter PCI. Any vendor, organization, entity, group, business, etc., that accepts and processes credit cards falls under the PCI requirements standard and is subject to its audit cycles.
PCI DSS covers a range of physical and...
What is the future of the Payment Card Industry Data Security Standard (PCI)?
In 2009, PCI was discussed in the context of the Heartland Payment Systems and RBS WorldPay data breaches - is the standard adequate, and what does compliance mean?
In 2010, the talk will be about the next-generation PCI standard - the...
Tokenization or end to end encryption - which solution will win the hearts of data protectors in the race to secure data?
A recent study conducted by PriceWaterhouseCoopers on behalf of the Payment Card Industry Security Standards Council shows that end to end encryption and tokenization are the top choices for...
Since the announcement of the Heartland data breach in January, the merits of the Payment Card Industry Data Security Standard (PCI DSS) have been questioned, and Bob Russo has led the defense.
In an exclusive interview, Russo, general manager of the PCI Security Standards Council, discusses:
Why end-to-end...
The next version of the Payment Card Industry Data Security Standard (PCI DSS), due out some time in 2010, may include guidelines for the use of virtualization technology to protect card data.
This was the prediction of some industry leaders meeting at the Payment Card Industry's Security Standards Council...