PCI DSS News
April 01, 2014
It remains unclear whether Trustwave could be held liable for Target's massive 2013 data breach in future litigation.
March 12, 2014
PCI compliance may be nearly impossible after the April 2014 Windows XP end-of-life date if merchants don't address vulnerable XP-based POS systems.
February 10, 2014
In its 2014 PCI Compliance Report, Verizon says that during a three-year period, fewer than one out of every nine companies passed all 12 requirements.
January 16, 2014
With news of more retail breaches imminent, experts say point-of-sale security is just one of many payment-processing infrastructure problems.
PCI DSS Get Started
Bring yourself up to speed with our introductory content
For companies worried about the latest EU data breach notification requirements, expert Mike Chapple says to look to the PCI DSS framework.
The PCI DSS penetration testing requirement becomes more rigorous with the release of PCI 3.0. Expert Mike Chapple details the change.
PCI DSS 3.0 is the third major iteration of the Payment Card Industry Data Security Standard, a set of policies and procedures administered by the Payment Card Industry Security Standards Council (PCI SSC) to ensure the security of electronic payment data and sensitive authentication data.
Evaluate PCI DSS Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Don't just stick to test and dev. There are plenty of good reasons to put production workloads in the public cloud.
Ed Moyle details the three most important PCI DSS 3.0 requirements that enterprises must abide by to ensure PCI compliance in the cloud.
Security expert Ed Moyle explains the CSA STAR certification program and how enterprises can use it to improve cloud provider security evaluations.
Manage PCI DSS
Learn to apply best practices and optimize your operations.
As the Target breach proved, RAM-scraping malware is difficult to detect. Learn best practices to defend against RAM scrapers.
Expert Mike Chapple explains how two descoping techniques can help many organizations reduce their regulatory compliance burden.
Expert Mike Chapple reviews major data privacy laws and explains how to build a data privacy compliance program to meet regulatory requirements.
Problem Solve PCI DSS Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
One QSA offers pre-audit planning advice to ensure a smooth, successful enterprise IT security audit for both the organization and the auditor.
When evaluating website security service providers, expert Michael Cobb says be sure to ask for qualifications, references and past work examples.
PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later.