New & Notable
PCI Data Security Standard News
November 12, 2014
Pain points related to finding indicators of compromise in system logs and CDE outsourcing have led to a pair of new PCI special interest groups that will begin work next year.
October 20, 2014
The newly launched Apple Pay mobile payment system could deliver the most secure shopping experience for U.S. customers yet, though it still may not be perfect.
October 02, 2014
In this presentation, compliance expert Nancy Rodriguez offers a line-by-line review of the key PCI DSS changes that become mandatory as of Jan. 1, 2015.
September 05, 2014
News roundup: The recent Goodwill security breach has been blamed on a third-party service provider, highlighting the need for due diligence. Plus: Mobile device theft; Android app vulnerabilities and a 12-year-long cyber-espionage network.
PCI Data Security Standard Get Started
Bring yourself up to speed with our introductory content
PCI DSS requirement 6.6 demands application security compliance through one of two options: an application firewall or a code review. Expert Mike Chapple analyzes which is the better option for cost efficiency.
A cardholder data environment or CDE is a computer system or networked group of IT systems that processes, stores and/or transmits cardholder data or sensitive payment authentication data, as well as any component that directly connects to or ...
Cardholder data (CD) refers to the primary account number (PAN) of a payment card belonging to a cardholder, along with any of the following data types: cardholder name, expiration date or service code (a three- or four-digit number coded onto the ...
Evaluate PCI Data Security Standard Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Gartner analyst Avivah Litan discusses how Gartner clients are reacting to the changes in PCI DSS 3.0, and whether the increased rigor in the standard will prove beneficial to enterprises.
Could open source security software solve PCI DSS compliance problems? Mike Chapple looks at how open source technologies can meet compliance needs.
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program.
Manage PCI Data Security Standard
Learn to apply best practices and optimize your operations.
Mainframe security is a largely overlooked topic by QSAs assessing compliance with PCI DSS, but expert Mike Villegas explains why enterprises can't ignore the key security controls to ensure mainframe compliance.
The deadline to meet the PCI DSS 3.0 changes for mandatory compliance is right around the corner. Expert Mike Chapple explains what the changes are and how to prepare for them.
The new information supplement offers advice on how to address obstacles in maintaining year-round PCI compliance, even though PCI experts say the challenge is only getting harder.
Problem Solve PCI Data Security Standard Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Expert Mike Chapple offers insight on how to maintain PCI DSS compliance when outsourcing Web hosting to a PCI-compliant provider.
PCI DSS compliance has little bearing on customer retention, so is it worth the effort? Mike Chapple explains why companies must comply with PCI DSS.
Employees play an important role in achieving and maintaining regulatory compliance, explains compliance expert Mike Chapple.