Email Alerts
-
PCI Council readying end-to-end encryption guidance
The PCI Security Standards Council is studying a number of emerging technologies and plans to issue a guidance document on end-to-end encryption when it releases the next version of the PCI Data Security Standards (PCI DSS), due out in October. Bob R... Interview
-
The future of PCI DSS
Bob Russo, General Manager of the PCI Security Standards Council, discusses upcoming changes to the PCI DSS, including what new changes might be mandated, and when they might go into effect. Video
-
Re-evaluating QSA training
Recently, the PCI QSA training process has come under scrutiny over the quality of individual PCI assessors. In part two of this interview, Bob Russo, General Manager of the PCI Security Standards Council, sheds light on changes to the training proce... Video
-
Understanding tokenization amid PCI encryption requirements
This mini learning guide offers a brief introduction to tokenization technology, as well as PCI DSS encryption requirements. Learn more about the future of tokenization and how the technology may help to ease PCI DSS compliance burdens. Learning Guide
-
PCI tokenization push promising but premature, experts say
Merchants see value in the technology helping to reduce the scope of a PCI assessment, but a lack of standards and complexity issues are a cause for concern. Article
-
PCI compliance requirements affect IT risk assessments
In their book PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance, authors Dr. Anton Chuvakin and Branden Williams discuss how to best approach PCI compliance requirements in your organization. Tip
-
Is a PCI DSS report on compliance confidential?
Learn about the confidentiality of a PCI report on compliance, and a compliance audit report in general in this expert response from Ernie Hayden. Ask the Expert
-
No major PCI DSS revision expected in 2010
The next revision of PCI DSS will contain clarifications, but no major revisions, according to Bob Russo, general manager of the PCI Security Standards Council. Article
-
PCI QSAs, certifications to get new scrutiny
The PCI Security Standards Council now has a team of five reviewing PCI assessments for inconsistencies and has increased funding for its QSA oversight program. Article
-
How to reduce PCI DSS security scope for an audit
PCI DSS audits can be a lot easier if the scope is narrow. Learn how to consolidate and store sensitive data in order to best reduce PCI DSS security scope. Ask the Expert
Security Management Strategies for the CIO