As payment card fraud schemes continue to evolve, the PCI Security Standards Council has to recalibrate its standards and programs, says Troy Leach, the council's CTO, who describes three key updates.
Security experts analyze the potential impact of recently announced changes to the PCI Security Standards Council's Qualified Integrators and Resellers Program that are designed to help smaller merchants prevent breaches.
A one-off approach to PCI DSS compliance often results in increased risk factors by creating discrepancies in security levels between environments within the shared network. Such an approach can be overcome by focusing on a central governance, risk, and compliance program designed to manage your organization's own...
The PCI Security Standards Council is creating a payments software framework, including two new standards that can evolve as the software rapidly changes, Troy Leach, the council's CTO, explains in this in-depth interview.
Global hotel chain Hilton has reached a $700,000 settlement agreement with New York and Vermont over two separate data breaches discovered in 2015 that exposed more than 360,000 payment card numbers.
Healthcare organizations, regardless of size, IT resources and budget, are faced with adequately protecting sensitive information and complying with HIPAA, PCI and other requirements. But many organizations that need to develop more mature cybersecurity programs struggle with where to start. What will deliver the most...
Verizon has made a strong case for continual PCI DSS awareness with its new study of payment card data security. But like many vendors that conduct their own studies supporting their business cases, Verizon makes suspect logical stretches.
The blurred lines between personal and business use of social media makes compliance with the more than 10,000 rules and regulations an impossible task. However, with nearly a dozen regulators who have control of bank's social media usage, compliance among your employees, partners and customers is an essential duty....
Fraudulent social media brand pages are often used for phishing, malware, and other scams which negatively impact your customers and damage your brand reputation. How can organizations take action against these accounts?
Download this whitepaper and learn how to:
Identify fraudulent accounts;
Create an organized...
The FBI, Gartner, and many other security analysts cite social media as one of the fastest growing security threats. That is why it is important for security teams at organizations with a significant social media presence to gain an understanding of this new attack surface and develop a plan to protect the...
Little has been done to address the social media hacking problem despite continued headlines. Most organizations lack the protective countermeasures or the expertise to mitigate risk and respond to incidents. Few companies know how to re-gain control after an account compromise or how to prevent an attack in the first...
Social media account takeovers have become synonymous with embarrassing headlines that feature well-known companies and figures. If your organization has a prominent account, cyber attackers will see you as a ripe target.
Download this whitepaper and learn:
How these takeovers are possible;
Why the complexity of...
The ongoing struggle to protect sensitive credit card data will continue to escalate. One of the requirements used to tackle this problem is the Payment Card Industry Data Security Standard (PCI DSS). However, one of the biggest challenges for PCI DSS compliance initiatives is treating the standard as a unique and...
Any organization that deals with credit card information must secure payment card data in accordance with PCI standards.
Merchants and service providers are required to validate compliance by assessing their environment against 12 major control categories applicable to applications and data in the data center and the...
Cloud computing initiatives, network monitoring and risk management are driving network security operations. Meanwhile, federal agencies face record levels of threats yet still rely on manual processes and outdated point tools. Agency network security operations must be modernized to streamline network security...