PCI Data Security Standard
- April 15, 2015
PCI DSS 3.1 grants merchants about 14 months to nix flawed SSL and TLS protocols, but demands they quickly provide detailed new documentation on how they plan to make the transition.
- March 31, 2015
The PCI SSC has issued prescriptive new supplemental guidance on penetration testing in an effort to reverse current trends and improve merchant compliance.
- March 30, 2015
The PCI Security Standards Council has confirmed that PCI DSS 3.1 will be released in just a few weeks. According to a Gartner analyst, the surprise new release could cause major problems for merchants.
- March 11, 2015
The 2015 edition of the Verizon PCI report shows enterprises are, on the whole, getting better at achieving full PCI compliance. Unfortunately, few can sustain it.
- February 20, 2015
News roundup: Amid hidden add-ons, discontinued services and walled gardens, vendor trust proves elusive for several high-profile tech firms. Plus: Evidence ties North Korea to Sony Pictures hack; card brands boost cybersecurity; and cookies that ...
- February 13, 2015
News roundup: While data sharing can boost intelligence and improve security, recent events show the benefits don't always outweigh the pitfalls. Plus: Chip-enabled POS systems coming quickly; MongoDB databases exposed; sophisticated phishing scams.
- February 10, 2015
Visa and MasterCard are putting pressure on merchants to implement Chip and PIN technology, and while it will improve transaction security, it won't make PCI compliance any easier.
- January 16, 2015
In a sneak preview of its 2015 PCI Compliance Report, Verizon says improper firewall maintenance is among the leading causes of PCI DSS compliance failures.
- December 30, 2014
As PCI DSS 3.0 becomes mandatory on Jan. 1, QSAs say struggling merchants will find that a continuous approach to PCI compliance eases the long-term compliance burden.
- December 09, 2014
Trustwave says one out of every five organizations has no controls in place to prevent sensitive data exposure, despite growing criminal interest.
- November 12, 2014
Pain points related to finding indicators of compromise in system logs and CDE outsourcing have led to a pair of new PCI special interest groups that will begin work next year.
- October 20, 2014
The newly launched Apple Pay mobile payment system could deliver the most secure shopping experience for U.S. customers yet, though it still may not be perfect.
- October 02, 2014
In this presentation, compliance expert Nancy Rodriguez offers a line-by-line review of the key PCI DSS changes that become mandatory as of Jan. 1, 2015.
- September 05, 2014
News roundup: The recent Goodwill security breach has been blamed on a third-party service provider, highlighting the need for due diligence. Plus: Mobile device theft; Android app vulnerabilities and a 12-year-long cyber-espionage network.
- August 28, 2014
The new information supplement offers advice on how to address obstacles in maintaining year-round PCI compliance, even though PCI experts say the challenge is only getting harder.