PCI 3.0 special report: Reviewing the state of payment card compliance

Last updated:November 2013

Essential Guide

Browse Sections

PCI SSC leaders answer questions on PCI 3.0
PCI DSS: A history in pictures
- Visual timeline: The history of PCI DSS
Bonus content: Events in PCI DSS history
- PCI DSS assessors see lessons in TJX data breach
Your questions answered

Article

PCI DSS version 3.0 analysis: The five most important changes

PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later. Read Now

Editor's note

It's been three years in the making. The third iteration of the Payment Card Industry Data Security Standard, arguably enterprise information security's most important and successful mandate, updates the rules merchants must follow to protect customer payment card data.

credit card with padlock

PCI DSS 3.0 raises the bar for vulnerability assessments, password management and provider compliance. Which changes will have the greatest effect on the PCI compliance process? Does PCI 3.0 go too far, or not far enough? How should enterprises prepare for PCI 3.0 assessments in 2015? We tackle those questions and more in this exclusive SearchSecurity special report.

1PCI DSS: A history in pictures

SearchSecurity is pleased to present an original visual timeline detailing the history of the PCI DSS, listing dates, events and people that have been crucial in the creation and evolution of the payment card industry compliance mandate.

Article

Visual timeline: The history of PCI DSS

The origins of the PCI Data Security Standard date to the late 1990s. Explore key events in the history of PCI DSS, from Y2K to PCI DSS 3.0. Read Now

2Bonus content: Events in PCI DSS history

As a supplement to our "Visual timeline: The history of PCI DSS," review these historical articles detailing notable events that shaped the creation and development of the Payment Card Industry Data Security Standard.

Article

PCI DSS assessors see lessons in TJX data breach

According to several PCI auditors, companies should study the TJX security breach for clear lessons on what not to do with customer data. Read Now

SearchCloudSecurity

All about cloud-native application protection platforms
The cloud-native application protection platform, or CNAPP, is the latest in a slew of cloud security acronyms. Learn what it is ...
Why zero-trust models should replace legacy VPNs
Many organizations use legacy VPNs to secure their networks, especially in the work-from-home era. Expert Pranav Kumar explains ...
Cloud-native security benefits and use cases
'Cloud native' has described applications and services for years, but its place in security is less clear. Get insight into ...

SearchNetworking

A review of Cato Networks' SASE Cloud platform
Cato Networks' SASE Cloud lacks certain capabilities and often requires customers to overhaul their legacy infrastructure. But ...
The role of smartNICs in modern enterprise networks
This chapter excerpt from 'Building a Future-Proof Cloud Infrastructure' looks at how smartNICs can support distributed services ...
How smartNIC architecture supports scalable infrastructure
In this Q&A, author Silvano Gai discusses how smartNICs can benefit enterprises by providing more granular telemetry and ...

SearchCIO

FTC rescinds vertical merger guidelines, raises concerns
The FTC recently rescinded its 2020 guidance for vertical mergers. Meanwhile, Pres. Joe Biden plans to nominate a new ...
Top 10 promising 5G use cases CIOs should know
The technological advantages 5G presents are well known. The hard part for business leaders is choosing where 5G implementation ...
3 enterprise uses for virtual reality
As enterprise adoption of virtual reality increases, CIOs are choosing the best ways to use the technology to gain a competitive ...

SearchEnterpriseDesktop

Microsoft offers passwordless login to all customers
All Microsoft customers will be able to replace passwords with biometric identity, security keys or text confirmation to access ...
Evaluate if Chromebooks are secure enough for business use
Chromebooks are cost-effective endpoints that strip away desktop features for a simple desktop experience. Admins should evaluate...
Microsoft announces release date for Windows 11
Windows 11 will include integration with unified communications platform Teams but won't initially include the option to download...

SearchCloudComputing

How to avoid 4 common errors in EC2 Instance Connect
The EC2 Instance Connect feature enables users to securely connect instances, but there are certain pitfalls to avoid. Here are ...
Operational strategies for isolation in cloud computing
While it's inevitable that certain cloud-hosted applications will share resources, the vulnerabilities these connections expose ...
6 steps to build a comprehensive cloud tagging strategy
A poorly executed cloud resource tagging strategy, or having no strategy at all, can cost a bundle down the road. Build the best ...

ComputerWeekly.com

Managing cyber risk through integrated supply chains
High-profile supply chain cyber attacks have caused huge disruption this year. PA Consulting’s Carl Nightingale considers key ...
US sanctions Suex crypto exchange over ransomware links
US Treasury cracks down on cryptocurrency exchange that supposedly facilitated proceeds from multiple ransomware gangs
Investigation launched after MoD email blunder
Exposure of PII on Afghan interpreters who worked with the UK may put hundreds at risk of Taliban reprisals

Close