SecurityRatty :: tag: pci
Featured Articles :: Went on Vacation - Missed PCI DSS 1.2 :-) :: Changes to PCI standard not expected to up the ante :: Is PCI compliance creating a false sense of security? :: PCI compliance are you just checking the box? :: PCI compliance, building the base :: MUST-DO Logging for PCI? :: The Hannaford PCI Fallout :: Got PCI? Another aspect of data security and PCI, I did not know
OMG, I go on vacation for 3 days (pretty much offline) - and I miss pre-release of PCI DSS 1.2.
How unfair is that?
In any case, I am baaaaaack.
About me: http://www.chuvakin.org
The group that administers the Payment Card Industry Data Security Standard -- or PCI, for short -- this week released a summary of the changes that are being made to the requirements in a revision scheduled to be published in October.
...PCI compliant, but last week a breach changed all that. Last Monday, Scarborough, Maine-based Hannaford Brothers Co., a regional grocery store chain in the Northeast U.S. (and the store I shop at and pay using my debit card) had a breach that exposed up to 4.2 million credit and debit cardholders to potential fraud.
The result of this breach so...
...PCI) standards. I speak with many retailers in my role BitArmor helps them secure and manage cardholder data in their environments. One of the challenges that retail CISOs face is selling senior management on the funding of PCI initiatives. Often, senior management would rather invest in opening a new store than in purchasing an encryption...
...PCI compliant companies, like Hannaford Brothers ( http://www.networkworld.com/news/2008/031708-hannaford-data-breach.html ), Okemo Mountain Resort ( http://www.okemo.com/okemowinter/security update.asp ), etc. Credit data is being stolen! While this is exceedingly bad, I have a theory on why this is happening
Before I get into my theory I'd...
...PCI DSS compliance? Since this is a common question, I am broadcasting it here.
The honest answer to the above question is that there is no list of what EXACTLY you MUST be logging due to PCI or, pretty much, any other recent "compliance thingy" (as we all know, PCI DSS rules are more specific than most others). However, the above does NOT...
...PCI standard may change. Much depends on Hannaford disclosing the control failures leading to the data breach. The standard may be strengthened to address control areas that may have been overlooked. Should the controls that failed not be part of the current PCI standard, they will most likely be added in the future. Should the controls...