SEARCH RESULTS
 
Showing 1-10 of 173 records
 
Is PCI compliance creating a false sense of security?

2008-03-28 09:44:50 by Burton Group in Security and Risk Management Strategies Blog
 
...PCI compliant, but last week a breach changed all that. Last Monday, Scarborough, Maine-based Hannaford Brothers Co., a regional grocery store chain in the Northeast U.S. (and the store I shop at and pay using my debit card) had a breach that exposed up to 4.2 million credit and debit cardholders to potential fraud. The result of this breach so...
 
 
 
 
 
PCI compliance are you just checking the box?

2007-11-14 22:05:00 by Patrick McGregor in Data Protection, Management and Leakage
 
...PCI) standards. I speak with many retailers in my role. BitArmor helps them secure and manage cardholder data in their environments. One of the challenges that retail CISOs face is selling senior management on the funding of PCI initiatives. Often, senior management would rather invest in opening a new store than in purchasing an encryption...
 
 
 
 
 
PCI compliance, building the base

2008-06-12 11:54:22 by Burton Group in Security and Risk Management Strategies Blog
 
...PCI compliant companies, like Hannaford Brothers ( http://www.networkworld.com/news/2008/031708-hannaford-data-breach.html ), Okemo Mountain Resort ( http://www.okemo.com/okemowinter/security update.asp ), etc. Credit data is being stolen! While this is exceedingly bad, I have a theory on why this is happening. Before I get into my theory I'd...
 
 
 
 
 
MUST-DO Logging for PCI?

2008-02-11 10:46:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...PCI DSS compliance? Since this is a common question, I am broadcasting it here. The honest answer to the above question is that there is no list of what EXACTLY you MUST be logging due to PCI or, pretty much, any other recent "compliance thingy" (as we all know, PCI DSS rules are more specific than most others). However, the above does NOT...
 
 
 
 
 
The Hannaford PCI Fallout

2008-03-28 13:07:12 by Marc Othersen in Security & Risk Management
 
...PCI standard may change. Much depends on Hannaford disclosing the control failures leading to the data breach. The standard may be strengthened to address control areas that may have been overlooked. Should the controls that failed not be part of the current PCI standard, they will most likely be added in the future. Should the controls...
 
 
 
 
 
Got PCI? Another aspect of data security and PCI, I did not know

2007-12-06 17:17:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...PCI compliance. Hmmm we agree that this does not make sense, and there were many conjectures as to why this is the case. A few of the reasons put forth - they know how difficult the process is and are taking their time; they don't care about fines (the fines don't make a dent), it is too complex for the leaders etc. My theory is this retailers...
 
 
 
 
 
Rebecca Herold on PCI and Logging

2008-04-04 16:08:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...PCI and logging. She also touches on using logs to deal with insiders. My ego is telling me to be upset since she doesn't mention either a "PCI Compliance" book (free chapter on logging for PCI is here) or any of my other related writing, but I will survive it. However, she makes one snafu that makes me cringe (and also think negative...