Security Management Strategies for the CIOWith the goal of reducing fraud, the credit card associations' PCI standard scores points for clarity.
 |
|
|
|
|||
|
|
|
|
|||
| ||||||
| ||||||
Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
|
|
|
||||
|
Accounts compromised: 55,000,000 Credit-card fraud losses: $1,000,000,000 Complying with a straightforward standard: Priceless Source: Privacy Rights Clearinghouse, number of accounts compromised since ChoicePoint breach in February 2005; The Nilson Report, $1.05 billion in credit-card fraud in 2004. |
||||||
| ||||||
|
|
|
|
|||
| ||||||
| ||||||
Getting corporate executives to approve money for security projects can be like pulling teeth. But when Erik Goldoff, IT systems manager at The Honeybaked Ham Company, explained to the company's top brass the steep penalties for not complying with the Payment Card Industry Data Security Standard, dollars earmarked for security soon flowed.
"From down in IT, it's very difficult to get any cost approved that doesn't generate revenue," says Goldoff. "If there is not some substantial return, [a project] may get sidelined or pushed to the next fiscal year."
The Norcross, Ga.-based specialty meat retailer is among the thousands of companies working to comply with the standard--more commonly known as PCI--created by credit card associations. Nearly a year after the deadline for PCI compliance, many large companies are well along in the implementation of IT security measures designed to protect cardholder information. At least five million U.S. merchants are affected by PCI, according to Visa U.S.A.
This was first published in May 2006
Join the conversationComment
Share
Comments
Results
Contribute to the conversation