Access "PCI update could mean clarity or confusion"
This article is part of the September 2010 issue of 2010 Security Readers' Choice Awards
PCI DSS has become one of the most controversial standards on the books. Many argue that PCI DSS has made great inroads in improving credit card security. Others contend the standard is a distraction from true security, and that the effort is too prescriptive, confusing, and artificially sets the bar for security and compliance too low. This fall, the PCI Security Standards Council is expected release a series of updates to the standard. PCI VIRTUALIZATION AND IN-SCOPE GUIDANCE COMING What can retailers, merchants and others who handle credit card data expect? Most are hoping for a number of updates that will remove perceived overly subjective interpretations, questions of scope and answer long-awaited virtualization security questions. In August, the PCI SSC released a high-level summary of changes to appear in PCI DSS 2.0. A detailed summary and pre-release version of the standard is scheduled for release in September with a final version published Oct. 28. According to Bob Russo general manager, PCI Security Standards Council, most of the updates this ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
2010 Information Security magazine Readers' Choice Awards
For the fifth consecutive year, Information Security readers voted to determine the best security products. Nearly 1,500 voters participated this year, rating products in 14 different categories.
-
PCI update could mean clarity or confusion
What you can expect from this fall's update to the Payment Card Industry Data Security Standard.
-
2010 Information Security magazine Readers' Choice Awards
-
-
Web 2.0 security threats and how to defend against them
by David Sherry
The collaborative nature of Web 2.0 introduces myriad threats to data that must be proactively countered.
-
Internet privacy tools only go so far
Tools help protect privacy but safeguarding personal data in the age of Google and Facebook is getting harder.
-
Web 2.0 security threats and how to defend against them
by David Sherry
-
Columns
-
Intel acquision of McAfee a head-scratcher
Embedding security in hardware isn't new, but is it worth an $8 billion investment? Time will tell on the Intel-McAfee acquisition.
-
How to develop a data breach response strategy
by Kim Getgen and John W. Woods
Targeted attacks on corporations and their crown jewels have become routine. Companies need to be prepared.
-
Should enterprises give in to IT consumerization at the expense of security?
Bruce Schneier and Marcus Ranum debate the risks associated with employees using personal computing devices.
-
Intel acquision of McAfee a head-scratcher
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...