|
Jun 12
2012
|
 |
Please feel free to use this “compliance dashboard” spreadsheet to sustain your PCI compliance journey.
User Blogs
Discussions and Blogs
Tags >> PCI
|
Nov 16
2011
|
Almost 80% of Retailers Data At High RiskPosted by Robert Siciliano in PCI |
 |
The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management, education, and awareness of the PCI Security Standards, including the Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements.
|
Nov 15
2011
|
|
According to the 2011 Verizon Payment Card Industry Compliance Report, requirement 11 - "Regularly test security systems and processes" - is the one least met, so I thought I would dedicate a few newsletters to this subject, starting with the definition and source of vulnerabilities.
The term "vulnerabilities" is often used in the PCI DSS standard to mean the following (per the definition given by the Council):
|
Oct 31
2011
|
|
Please feel free to use this “compliance dashboard” spreadsheet to sustain your PCI gap analysis exercise. It encompasses:
|
Oct 24
2011
|
|
There are circumstances where companies could face some technical or business impediments preventing them from implementing the requirements as explicitly stated in the standard. Does this mean that these companies could never achieve and maintain compliance?
|
Oct 20
2011
|
Cloud-Based ATMs Coming Your WayPosted by Robert Siciliano in PCI , Cloud Security , Cloud |
|
Criminals often target cash machines, as well as various other automated kiosks that dispense DVDs, tickets, or other merchandise. They have discovered numerous techniques for compromising these devices. According to the ATM Industry Association (ATMIA), ATM fraud alone results in over a billion dollars in losses each year.
|
Oct 10
2011
|
New PCI Compliance Dashboard - AvailablePosted by Didier Godart in PCI |
|
The PCI Compliance Dashboard is a spreadsheet providing a single view on all information you need to complete the PCI Compliance process without requiring to open multiple documents on the side.
|
Oct 03
2011
|
|
In newsletter #4 we saw that the payment brands classify organizations accepting and processing credit cards into “levels.” Levels are related to the number of transaction processed annually on the payment brand networks and are used to indicate what compliance validation procedures and reporting requirements targeted entities are expected to complete.Do not mistake “Levels” for “Types”!
|
Oct 03
2011
|
|
If you ever endeavour getting data about the compliance rate from PCIco or the Payment Brands you would know how challenging it is, probably more challenging than finding the Holy Grail. So in this context the release of the Verizon 2011 Payment Card Industry Compliance Report is quite enlightening for the security industry and merchant community. It gives us a good sense of reality of the field.
|
Sep 24
2011
|
|
Retailers can temporarily rejoice (for about a minute) now that six cyber villains have been caught in two different international credit card fraud rings.
|
Sep 08
2011
|
|
What is a level?
“Levels” is a classification of organizations accepting and processing credit cards. They are defined and used by the payment brands to indicate what compliance validation procedures and reporting requirements targeted entities are expected to complete.
|
Sep 02
2011
|
|
In this newsletter we will distribute the roles for the PCI play.
Regulators (scenarists and directors)
Community
Coverage
About Us
Follow our Tweets
Subscribe via Email
| Your Email: |
Subscribe via Email
| Your Email: |
Tag Cloud
Analyst Blogs
© 2012 Executive IT Forums Inc
All Rights Reserved.
