The PCI Security Standards Council envisions a single, globally-unified data security standard. Now that the European Card Payment Association is a strategic regional member, that goal is significantly closer, says Jeremy King, the council's international director.
As public cloud offerings and technologies to secure them continue to mature, public cloud will increasingly feature in India's cloud story. How ready are security practitioners, and how much traction do technologies such as CASB have?
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
The story around payment security in India is driven by the spurt of technology innovations in nontraditional payment channels that are seeing massive traction. SISA's 2016 Summit will look at innovation and the threat landscape.
A lawsuit filed against security firm Trustwave is raising questions about "PCI Professional Forensic Investigators" and how they are monitored by the PCI Security Standards Council. But experts say the onus is on companies, not the council, to ensure their security practices are adequate.
Jeremy King of the PCI Security Standards Council explains why it has extended its compliance deadline for encryption updates aimed at phasing out SSL and TLS 1.0. But he stresses that merchants, processors and acquirers should not wait to make upgrades.
In the largest monetary award obtained by the FTC in an enforcement action, LifeLock has agreed to pay $100 million to settle a case that, in part, stemmed from the identity protection company failing to establish and maintain an information security program to protect customers' personally identifiable information.
As U.S. merchants shore up physical point-of-sale security by upgrading their terminals to accept EMV chip cards, attackers are turning their aim toward new, unattended targets. Here's the latest on how to respond to "shimming" attacks.
Even though the U.S. is migrating to the EMV chip, Visa is still stressing the need for merchants to comply with the PCI Data Security Standard, says Eduardo Perez, the card brand's senior vice president of payment risk, in this video interview.
The recent data breach at U.K.-based telecom company TalkTalk illustrates that breach risk mitigation is a critical issue worldwide. PCI's Jeremy King, who will be a featured speaker at ISMG's Fraud Summit London on Oct. 27, explains why European data security is getting more scrutiny.
If the Chinese government hacked the U.S. Office of Personnel Management for espionage purposes, then the U.S. government's $133 million contract to provide ID theft monitoring services is a waste of money. Instead, the agency could have used the funds to safeguard its systems against future attacks.
Policymakers must consider three factors before imposing sanctions in retaliation for state-backed hacks: Confidence in its attribution of responsibility, the impact of the incident and the levers of national power at a state's disposal.
The PCI Security Standards Council has just released version 2 of its point-to-point encryption standard. Jeremy King of the PCI SSC explains how this optional standard can complement PCI-DSS compliance.
Prosecutors love to tell judges that sentences for hackers and cybercriminals must be strong enough to deter future such crimes. But as the case of Silk Road mastermind Ross Ulbricht shows, they've failed to make the case for deterrence.
Five best practices noted in version 3.0 of the PCI Data Security Standard will become requirements after June 30, with remote access and third-party risks the key focus - particularly for smaller merchants.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.