Certification and accreditation (C&A) has been like alphabet soup. As it transitions to assessment and authorization (A&A), it's time to sort through the confusion and identify which terms and processes apply in any given situation.
This paper sorts through the confusion to identify which terms, approaches, and...
The latest edition of the ISMG Security Report leads off with an analysis of the PCI Security Standards Council's new requirements that are designed to help thwart attempts to defeat encryption in point-of-sale devices.
In a video interview, Troy Leach, CTO of the PCI Security Standards Council, explains enhanced standards designed to help ensure that POS vendors can stay ahead of new attacks aimed at defeating encryption.
Hear ISMG editors untangle the various elements in the Shadow Brokers-Equation Group saga, evaluate a new anti-ransomware tool and reflect on the 10th anniversary of the PCI Security Standards Council in this edition of the ISMG Security Report.
It's easy to look at the payments landscape and see only the flaws. But payment card security has come a long way in the past 10 years, thanks in large part to the PCI Data Security Standard. How will card security be refined in the coming decade?
Arizona-based Banner Health, which operates 29 hospitals, says it's notifying 3.7 million individuals that their data was exposed in a "sophisticated cyberattack." An initial attack against payment card processing systems apparently opened the door to the attackers accessing healthcare data.
The $900 million hospital is designed to offer the latest innovations in medical care, expanded trauma care, enhanced clinical programs, and advanced research directly affecting children.
Lurie Children's uses the latest in electronic health records (EHR), high-definition picture archiving and communications...
While many banks and merchants in Britain, France and Germany have long complied with the PCI Data Security Standard, deregulation has led organizations in other European countries to start taking PCI compliance more seriously and use it for competitive advantage.
The release this week by the PCI Security Standards Council of a new PCI compliance resource for small merchants is being lauded by the banking and payments community. But how effective will the resource be at actually convincing merchants to move forward with PCI compliance?
Ten years after the launch of the PCI Data Security Standards Council, the key to ensuring ongoing compliance with the PCI Data Security Standard is winning CEO buy-in worldwide, says Stephen Orfei, general manager of the council.
Achieving international acceptance of PCI-DSS is an ongoing challenge, says Jeremy King, international director of the PCI Security Standards Council, who's working to educate merchants about baseline security that goes far beyond cardholder data protection.
While PCI compliance is a priority for many U.S. retailers, some major companies in Australia say they'd rather forego the cost of compliance and risk the possibility of steep fines if a card breach occurs.
As we prepare to mark the tenth anniversary of the PCI Security Standards Council, it's time to assess the impact PCI-DSS has had on payments security and consider whether it will remain a viable standard 10 years from now. A series of upcoming reports will address these topics.
Five new payment card data security requirements for third-party service providers are among the most significant changes included in version 3.2 of the PCI Data Security Standard released April 28, says Troy Leach of the PCI Security Standards Council.