Manage

PCI compliance

• 5 PCI DSS best practices to improve compliance

  Increased rates of PCI noncompliance are worth examining, as are PCI DSS best practices and tips for small and medium-sized companies. Read more in-depth compliance coverage here. Continue Reading

• How PCI DSS compliance milestones can be a GDPR measuring stick

  Constantly evolving regulations can cause confusion for security officers, but sometimes, there is process overlap. Here's how achieving compliance with PCI DSS can help meet GDPR mandates. Continue Reading

• Data protection requirements start with firm grasp of GRC needs

  Corporate data protection requirements are complex, but determining a company's unique GRC needs is an essential first step to information security. Continue Reading

• Intelligence-driven security has benefits, but beware its limits

  In this video, Vantiv CSO Kim Jones discusses why a lack of hard data makes some iterations of intelligence-driven security not so intelligent. Continue Reading

• The ABCs of meeting quarterly PCI scanning requirements

  For some organizations, quarterly PCI DSS scanning requirements create confusion. Here are tips on the PCI scanning process to help stay compliant. Continue Reading

• Audit management: Five strategies to streamline the PCI audit process

  Tired of the same Payment Card Industry (PCI) assessment headaches every year? Here are five process strategies to streamline the PCI audit process.Continue Reading

• Log management and compliance: What's the real story?

  As more companies deploy security information and event management tools, as well as log management solutions, it's time to take a look at the regulations that apply to logging.Continue Reading

• PCI DSS requirement: Maintaining a vulnerability management program

  The third PCI DSS focus area requires antivirus software, secure coding practices, patch management and change control processes be in place.Continue Reading

• Inside Ryder Truck Rental's PCI compliance project

  In 2007, Julio Gonzalez, director of IT, GRC and network operations at Ryder Truck Rental, kicked off a PCI project aimed at addressing any credit card exposures.Continue Reading

• Does using ISO 27000 to comply with PCI DSS make for better security?

  PCI DSS is under fire for not providing enough security in the process of securing credit card data. Using ISO 27000 to complement PCI may provide better compliance and security.Continue Reading

• PCI DSS compliance requires new vendor management strategy

  Requirement 12.8 requires a better vendor management strategy for PCI DSS compliance.Continue Reading

• Why it may not be ideal for your lawyer to be your compliance officer

  While lawyers bring a certain expertise to the table, business leaders need a broader range of technical, security and communications skills in their compliance officers.Continue Reading

• PCI DSS 3.1 requirement best practices

  Requirement 3.1 of the PCI Data Security Standard requires minimum cardholder data storage. In this tip, learn how to determine how much data your organization should store.Continue Reading

• PCI DSS pre-assessment: Managing the process to limit liability

  Conducting a PCI DSS pre-assessment can save quite a few headaches later on in the compliance process. However, it can create a lot of new ones if it isn't managed with liability in mind. Contributor Rick Lawhorn offers a brief primer on the ...Continue Reading