Emerging Technologies that can Reduce PCI Scope

November 17, 2009 Added by:Sean Inman

In recent months, the PCI Security Standards Council has continued to weigh the merits of what they have deemed as “emerging technologies”. The first is end to end encryption and the other is tokenization. These two solutions have quickly become the favorites among all other emerging technologies.

Comments  (0)


A Loss of One of Our Own

October 29, 2009 Added by:Sandra Avery

I am still shocked and saddened by the very sudden loss of David Taylor, founder of PCI knowledgebase.  David passed away on Tuesday after suffering a sudden heart attack. Those of us who have anything to do with PCI compliance either know or know of David Taylor.

Comments  (1)


Mitigating Risks by Leveraging a Core Business Process

October 20, 2009 Added by:Mike Cuppett

When it comes to audits and other compliance requirements - think Sarbanes-Oxley, PCI-DSS, internal and external audits, etc. - people tend to get a bit uptight and flustered. Fortunately, by keeping a calm head and a rational perspective, your reaction to these challenges can be cool and calm, allowing you to leverage a methodology you already know - risk mitigation.

Comments  (0)


The Fully Auditable Cloud - Fact or Fiction

October 12, 2009 Added by:Bob Broda

Cloud computing is a rapidly growing phenomena that is being evaluated by companies of all sizes.   Though it has many positives, much of corporate America is not yet ready to accept migrating major applications to the cloud until concerns about security, privacy, and reliability are addressed.

Comments  (0)


Top PCI DSS Compliance and Security Marketing Annoyances

October 02, 2009 Added by:Anton Chuvakin

Anton Chuvakin discusses PCI DSS. "Don’t misspell PCI DSS. It is not “PCI DDS”, and even not “PCIDSS.” BTW, if you want to impress PCI literati, make sure that “PCI DSS” has a space, while “PA-DSS” has a dash.Most definitely, do not pretend that you address ALL PCI DSS requirements for the only reason of wanting to look good."

Comments  (0)


PCI Auditor Being Sued for Certifiying CardSystems as Compliant

July 13, 2009 Added by:Infosec Island Admin

Savvis is being dragged into court to defend their PCI DDS certification of CardSystems in 2004, which was subsequently responsible for losing a quarter of a million credit card numbers. This is the first of potentially many legal actions against PCI auditors that certified organizations as compliant, when they were subsequently breached and responsible for the loss of consumer cred...

Comments  (2)


Heartland Regains PCI Compliant Status

May 03, 2009 Added by:Anthony M. Freed

Heartland’s removal from the list of compliant payment processors had followed revelations that the company had suffered what may have been the largest data breach of payment card information to date, although details of the incident have not been made available due to ongoing investigations...

Comments  (5)


Payment Card Industry Swallows Its Own Tail

April 01, 2009 Added by:Anthony M. Freed

The greatest threat to the survival of PCI DSS (Payment Card Industry Data Security Standard) may not be the ever-evolving tactics of the criminal hackers, but instead the dysfunctional nature of the relationships between the very parties the standards are meant to serve...

Comments  (2)


Visa Puts Heartland on Probation Over Breach

March 13, 2009 Added by:Anthony M. Freed

HPS is now in a probationary period, during which it is subject to a number of risk conditions including more stringent security assessments, monitoring and reporting. Subject to these conditions, Heartland will continue to serve as a processor in the Visa system...

Comments  (1)


Heartland CEO Now Under SEC Investigation

February 26, 2009 Added by:Anthony M. Freed

The investigation may relate to stock trades made by Heartland CEO Robert Carr after Visa notified Heartland of suspicious activity on Oct. 28, 2008. According to insider trade filings, Carr sold just under US$8 million worth of stock between Oct. 29 and the day the breach was disclosed...

Comments  (2)


Heartland Update: Reps Respond to Questions

February 01, 2009 Added by:Anthony M. Freed

Heartland first learned of a potential problem from the card associations on October 28th of last year, well after the announcement of this 10b5-1 plan. Heartland categorically denies that Mr. Carr was aware of a potential security breach at the time he adopted his trading plan...

Comments  (2)

Page « < 16 - 17 - 18 - 19 - 20 > »