Manage
Learn to apply best practices and optimize your operations.
PCI compliance
5 PCI DSS best practices to improve compliance
Increased rates of PCI noncompliance are worth examining, as are PCI DSS best practices and tips for small and medium-sized companies. Read more in-depth compliance coverage here.
How PCI DSS compliance milestones can be a GDPR measuring stick
Constantly evolving regulations can cause confusion for security officers, but sometimes, there is process overlap. Here's how achieving compliance with PCI DSS can help meet GDPR mandates.
Data protection requirements start with firm grasp of GRC needs
Corporate data protection requirements are complex, but determining a company's unique GRC needs is an essential first step to information security.
Intelligence-driven security has benefits, but beware its limits
In this video, Vantiv CSO Kim Jones discusses why a lack of hard data makes some iterations of intelligence-driven security not so intelligent.
The ABCs of meeting quarterly PCI scanning requirements
For some organizations, quarterly PCI DSS scanning requirements create confusion. Here are tips on the PCI scanning process to help stay compliant.
Audit management: Five strategies to streamline the PCI audit process
Tired of the same Payment Card Industry (PCI) assessment headaches every year? Here are five process strategies to streamline the PCI audit process.
Log management and compliance: What's the real story?
As more companies deploy security information and event management tools, as well as log management solutions, it's time to take a look at the regulations that apply to logging.
PCI DSS requirement: Maintaining a vulnerability management program
The third PCI DSS focus area requires antivirus software, secure coding practices, patch management and change control processes be in place.
Inside Ryder Truck Rental's PCI compliance project
In 2007, Julio Gonzalez, director of IT, GRC and network operations at Ryder Truck Rental, kicked off a PCI project aimed at addressing any credit card exposures.
Does using ISO 27000 to comply with PCI DSS make for better security?
PCI DSS is under fire for not providing enough security in the process of securing credit card data. Using ISO 27000 to complement PCI may provide better compliance and security.
PCI DSS compliance requires new vendor management strategy
Requirement 12.8 requires a better vendor management strategy for PCI DSS compliance.
Why it may not be ideal for your lawyer to be your compliance officer
While lawyers bring a certain expertise to the table, business leaders need a broader range of technical, security and communications skills in their compliance officers.
PCI DSS 3.1 requirement best practices
Requirement 3.1 of the PCI Data Security Standard requires minimum cardholder data storage. In this tip, learn how to determine how much data your organization should store.
PCI DSS pre-assessment: Managing the process to limit liability
Conducting a PCI DSS pre-assessment can save quite a few headaches later on in the compliance process. However, it can create a lot of new ones if it isn't managed with liability in mind. Contributor Rick Lawhorn offers a brief primer on the ...