In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
As the dark world of cybercrime evolves with new techniques, such as social engineering and planting insider threats, every company (large or small) is a potential target and no platform is off limits - even IBM i.
This white paper has everything you need to implement PCI's latest requirements smoothly, secure...
A class action lawsuit filed by two banks against Target in the wake of its 2013 breach has an unusual twist: It seeks damages from Target and Trustwave, allegedly the retailer's qualified security assessor. Experts offer an analysis.
Banking institutions should be evaluating zero-day vulnerability risks posed by Microsoft's dropping of support next month for Windows XP. But experts say their biggest concern should be how those vulnerabilities will affect customers and vendors.
This case study focuses on a large Canadian airline that covers all destinations in North America. It discusses the preparations the airline took towards Payment Card Industry Data Security Standard (PCI DSS) assessment and compliance. It explains how the airline built a system using Intel Expressway Tokenization...
In this paper, Payment Card Industry Data Security Standard (PCI DSS) expert and QSA Walter Conway takes you on a deep dive tour of tokenization techniques and their merits. He also demystifies tokenization by discussing use cases, comparing it to encryption and providing various alternatives for implementing...
Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted standard that applies internationally to any organization that accepts, captures, stores, transmits or processes credit and debit card data. Many organizations, however, have mandates to protect Personally Identifiable Information (PII). In...
In the second full day of RSA 2014, ISMG's editors record exclusive video interviews with Troy Leach of the PCI Council, Adam Sedgewick of NIST and Gartner's Avivah Litan. What insights do these thought-leaders share?
Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.
As Congressional leaders look for answers about why U.S. card security is failing, there hasn't been enough discussion surround why EMV can't easily fix our system. And the card brands have been conspicuously absent from the debate.
The PCI Security Standards Council has no plans to modify its standards for payment card data security in response to high-profile payment card breaches at Target and Neiman Marcus, says Bob Russo, the council's general manager.
Target Corp.'s revelation that personal information about up to 70 million customers was breached in a recent malware attack raises new questions about Target's security practices and risks to consumers.
Version 3.0 of the PCI Data Security Standard goes into effect Jan. 1, 2014. What steps should organizations be taking to prepare for implementation of the standard? Troy Leach and Bob Russo of the PCI Security Standards Council explain.