PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
May 2011

Robust information security program key to PCI compliance requirements

Every day, compliance professionals make determined efforts to satisfy the litany of laws, regulations, and policy mandates that make up the information security world, all while fending off relentless attempts by faceless enemies with limited resources and varying degrees of institutional support.  And yet, in this eternal pursuit of the two illusive (if not entirely theoretical) goals of data security and security compliance, there are common mistakes that tend to trip people up. For those that are subject to  PCI compliance requirements, at least PCI DSS provides some specific, if not prescriptive, requirements for internal systems and structures.  But, it doesn’t provide the framework for a security program.  There are practical ways for organizations to build on those technical specifications  and focus their efforts on satisfying their compliance mandate, as well as building a robust, comprehensive information security program. One of the most important points to realize is that “compliant” does not mean “secure.”  This is...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue