Email Alerts
-
Are PCI auditors pitching products?
SAN FRANCISCO -- Auditors shouldn't be pitching remediation services or products to bring a company into compliance with PCI DSS rules, but some merchants are reporting the practice, according to Diana Kelley, vice president and service director at M... Interview
-
PCI Council hears complaints, suggestions for changes
Companies with the most stringent security technologies endure hurdles to comply with PCI DSS. Some firms are turning to the upcoming Burton Group Catalyst Conference for answers. Article
-
Log management push has its roots in compliance
Log management is expected to be a hot topic at the upcoming Burton Group Catalyst Conference. Experts say log data can help organizations comply with numerous guidelines. Article
-
Understanding PCI DSS compensating controls
By-the-book PCI DSS compliance scores big points with auditors, but abiding by all the regulations and requirements is a tall order in many organizations. Security management expert Mike Rothman discusses how compensating controls play a role in buil... Tip
-
Database authentication, encryption getting priority in some businesses
While more organizations are seeking database authentication and encryption technologies, others are turning to database monitoring to secure data. Article
-
Survey: Companies disregard data security breach risks
Companies continue to lack a response plan and fail to implement appropriate encryption technologies, according to a survey of more than 700 IT executives and security officers. Article
-
PCI DSS: The standards should not be lowered
Bob Russo, general manager of the PCI Security Standards Council explains that education is crucial to getting more merchants to comply with the standard. Column
-
HP targets energy compliance with appliance
A new appliance from HP touts event data management software from San Francisco-based SenSage Inc. to centrally store logging data for audits and investigations. Article
-
Experts: Easing standards like PCI DSS a bad idea
Financial services practitioners say security standards like PCI DSS can be hard to heed, but that easing them would be a bad idea given the data fraud epidemic. Article
-
The TJX data security breach: 10-K filing shows IAM and compliance mistakes
Analysis of TJX's recent 10-K regulatory filing with the Securities and Exchange Commission exposes the company's lack of basic security and non-compliance with industry standards. But as Joel Dubin writes, a closer look highlights lessons from which... Tip