The TJX Companies, Inc. (NYSE: TJX) may have agreed to pay more than $40 million in a recently-announced settlement with Visa, but the collateral damage might have been significantly worse had the case gone to trial and revealed details of the security/compliance conditions that allowed customer data to be breached....
The TJX Companies, Inc. (NYSE: TJX) and Visa have announced that TJX has agreed to fund up to $40.9 million for payments to certain financial institutions following the much-publicized data breach of its computer systems.
If your company transfers, transmits or processes credit card data you fall under the Payment Card Industry Data Security Standard (PCI DSS). However although the PCI DSS was developed to protect credit card data, it is fast becoming a security standard for all sensitive company data such as patient records,...
Information Security Media Group recently attended the BAI Retail Delivery Conference 2007 in Las Vegas. Our correspondents covered the expo floor from a vendor point of view, and we spoke with a number of vendors who had products or services specific to information security. In general, the vendors that had some sort...
With the recent rise in data breaches and identity thefts, implementing a sound information security program is no longer optional. Companies processing credit card information are encouraged to embrace and implement sound data protection strategies to protect the confidentiality and integrity of payment information....
The PCI regulation has specific requirements around log data centralization, archiving, monitoring and reporting for security and auditing. Unfortunately organizations face a huge challenge meeting these requirements easily, efficiently and affordably.
There are over eighteen distinct requirements related to log...
Since January 2005, over 167 million credit card numbers have been exposed due to security breaches. Many of the most damaging breaches were the result of hackers exploiting flaws in software. With the PCI Security Standard Council's regulations recently expanding to include specific mandates to assess software for...
ELAN WINKLER: If you take a look at just complying with HIPPA as an individual project, and then worry about how you are going to comply with SOX, and then worry about how you are going to comply with PCI, you are doomed to fail. If you look at compliance as an individual project it ain’t going to work;...
Featuring Elan Winkler, Director of Messaging Product Marketing, Secure Computing
Listen to this interview for insights on how to create a "culture of compliance", building the right systems, processes and skills to solidify your regulatory compliance program today - and for the future.
Among the topics...
But More Work Necessary to Secure Customer Data, Confidence If the TJX data breach had not occurred, the increased push by retailers to comply with Payment Card Industry Data Security Standard (PCI-DSS) also may not have happened. This much-publicized incident seems to be the one that has most spurred merchants and...
RICHARD SWART: Hi, this is Richard Swart with Information Security Media Group, publishers of BankInfoSecurity.com, and CUInfoSecurity.com. Today, we will be speaking with Bruce Sussman, the Senior Manager at Crowe Chizek, who has almost 20 years of experience in the banking information security and audit community....
Bruce Sussman, Senior Manager at Crowe Chizek's Risk & Attest Group speaks on meeting the challenges of PCI compliance and stopping data leakage.
Sussman draws upon his extensive experience as a VP of Audit, Fraud and Risk for one of the leading payment card networks and as a thought leader for the PCI compliance...
You know - all merchants and service providers that store, process, or transmit credit card data must comply with the Payment Card Industry (PCI) Data Security Standards (DSS) mandates.
Did you know?
� Acquirers will be fined $5,000 to $25,000 a month for each merchant who does not validate PCI...
Two members of the PCI Standards Council who are database security experts say the way to prevent a TJX-type breach from happening at your institution is simple -- be compliant with the Payment Card Industry Data Security Standard.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.