Security Wire Weekly » PCI

The effects of compliance on the security industry

Jessica Scarpati — Fri, 04 Mar 2011 15:36:30 +0000

Paul Judge, CTO of Barracuda Networks and Joshua Corman, director of enterprise research at the 451 Group discuss whether compliance hinders the creation of innovative security technologies.

Joshua Corman: Why Zombies love PCI (YouTube Video)

Payment industry finalizes PCI DSS 2.0

Jessica Scarpati — Mon, 01 Nov 2010 13:30:49 +0000

Jeremy King, the European director of the PCI SSC discusses the PCI DSS 2.0 changes in more detail and where the industry is headed.

Program links:

PCI DSS 2.0: PCI assessment changes explained
PCI DSS expert Ed Moyle explains how the changes in PCI DSS 2.0 will affect companies during the PCI assessment process.

PCI 2.0 guide: How have PCI compliance requirements changed?
In this PCI 2.0 learning guide, you will learn how the PCI compliance requirements have changed, if those changes have improved the standard and how the changes will affect your environment.

Mythbusting PCI Compliance

Jessica Scarpati — Wed, 20 Oct 2010 17:53:36 +0000

Joshua Corman, research director at The 451 Group joins the editorial team in a discussion on how PCI has affected the security industry and a recent Verizon survey of QSAs that indicates that organizations that had been breached were 50% less likely to be PCI compliant.

New Verizon report connects PCI non-compliance and data breaches (Oct. 05, 2010)
Results of the first Verizon Payment Card Industry Compliance Report indicate that organizations that had been breached were 50% less likely to be PCI compliant.

“Hug it out” Network Security Podcast: This is the third of a three part series (Part 1, Part 2) being sponsored by Tripwire called “PCI Hug It Out”. In Part Three Gene Kim, Mike Dahn and Josh Corman explore the points of commonality between Mike and Josh and how they can turn them into calls to action from the community as a whole. The proceeds go to Hackers for Charity.

(Music credit: “Take Time for the Tub” by by Derek K. Miller)

The security-compliance tug-of-war

Jessica Scarpati — Fri, 15 Oct 2010 15:25:03 +0000

Bryan E. Simon, senior systems and security specialist at Prince George, BC-based Integris Credit Union, talks about the daily struggles security pros face, including the need to balance security demands with compliance requirements.

Ryder Truck Rental PCI compliance project

Jessica Scarpati — Wed, 21 Apr 2010 01:12:23 +0000

Julio Gonzalez, director of IT, GRC and network operations at Ryder Truck Rental, talks about the company’s PCI compliance project, aimed at addressing any credit card exposures. In this interview, conducted at Infosec World 2010 by SearchMidmarketSecurity.com’s Billy Hurley, Gonzalez talks about the relief of outsourcing, the challenges of working with an auditor and the framework he has set up for future regulations.

Heartland CIO on PCI, E3 project

Jessica Scarpati — Thu, 22 Oct 2009 14:08:09 +0000

Heartland Payment Systems CIO Steve Elefant talks about the processor’s new E3 security processes, end-to-end encryption, deployment and adoption issues.

Squad: TJX, Black Hat and Social Security numbers

Jessica Scarpati — Fri, 17 Jul 2009 16:58:32 +0000

The SearchSecurity.com editors discuss TJX’s settlment with 41 states over its data breach, Juniper’s decision to pull a Black Hat presentation and whether our Social Security numbers are at risk

Squad: Data breach burn-out

Jessica Scarpati — Fri, 15 May 2009 19:19:52 +0000

SearchSecurity.com editors discuss whether the Berkeley data breach warranted so much news coverage and whether people are becoming desensitized to data breaches. Also, Heartland Payment Systems’ push for better industry wide security and whether software vendors should push silent updates to users.