PCI compliance
New & Notable
PCI compliance News
-
May 05, 2016
05
May'16
PCI DSS 3.2 multifactor requirement among the version's biggest changes
Details surrounding the updated Payment Card Industry Data Security Standard show that version 3.2 includes new multifactor authentication and encryption requirements. Also in recent GRC news: SEC ...
-
February 05, 2016
05
Feb'16
Barclays, Credit Suisse to pay $154M for 'dark pool' trading violations
The U.S. Securities and Exchange commission announced last week that global banks Barclays and Credit Suisse would pay a record total of more than $154 million to settle allegations over "dark ...
-
January 07, 2016
07
Jan'16
Repeat HIPAA violators face minimal ramifications
Despite several HIPAA violations, recent data analysis found U.S. healthcare providers such as CVS and the VA face few punitive actions. Also in recent GRC headlines: Companies have two more years ...
-
May 18, 2010
18
May'10
Should there be PCI security requirements for bank account data?
Gartner analyst wonders why no PCI-like standard exists for bank account information, which online criminals are targeting.
PCI compliance Get Started
Bring yourself up to speed with our introductory content
-
PCI DSS (Payment Card Industry Data Security Standard)
The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal ... Continue Reading
-
regulatory compliance
Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes. Continue Reading
-
PCI DSS merchant levels
Merchant levels are used by the payment card industry (PCI) to determine risk levels and determine the appropriate level of security for their businesses. Specifically, merchant levels determine the amount of assessment and security validation that ... Continue Reading
Evaluate PCI compliance Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Editor's picks: Top cybersecurity articles of 2020
As the year no one could have predicted comes to a close, SearchSecurity takes a 30,000-foot view of the cybersecurity trends and challenges that defined the last 12 months. Continue Reading
-
Fighting PCI non-compliance could require new frameworks, zero trust
Falling PCI DSS compliance rates could force the PCI Security Standards Council to be more open to other regulatory frameworks and make enterprises aim higher in terms of data security. Could zero trust be part of the solution? Continue Reading
-
Data protection requirements start with firm grasp of GRC needs
Corporate data protection requirements are complex, but determining a company's unique GRC needs is an essential first step to information security. Continue Reading
Manage PCI compliance
Learn to apply best practices and optimize your operations.
-
5 PCI DSS best practices to improve compliance
Increased rates of PCI noncompliance are worth examining, as are PCI DSS best practices and tips for small and medium-sized companies. Read more in-depth compliance coverage here. Continue Reading
-
How PCI DSS compliance milestones can be a GDPR measuring stick
Constantly evolving regulations can cause confusion for security officers, but sometimes, there is process overlap. Here's how achieving compliance with PCI DSS can help meet GDPR mandates. Continue Reading
-
The ABCs of meeting quarterly PCI scanning requirements
For some organizations, quarterly PCI DSS scanning requirements create confusion. Here are tips on the PCI scanning process to help stay compliant. Continue Reading
Problem Solve PCI compliance Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
PAN truncation and PCI DSS compliance
What do Visa's PAN truncation guidelines mean for merchants and their acquiring banks? Security experts Ed Moyle and Diana Kelley provide analysis. Continue Reading
-
Log management and compliance: What's the real story?
As more companies deploy security information and event management tools, as well as log management solutions, it's time to take a look at the regulations that apply to logging. Continue Reading
-
PCI DSS requirement: Maintaining a vulnerability management program
The third PCI DSS focus area requires antivirus software, secure coding practices, patch management and change control processes be in place. Continue Reading