the State of Security

PCI DSS

PCI Compliance — More Than Just a Tick Box Exercise?

PCI Compliance — More Than Just a Tick Box Exercise?

by Cindy Valladares

“Compliance” is sometimes considered a dirty word in the information security world, particularly when companies take a “tick box” or “check box” approach to achieving it before an audit instead of treating continuous compliance as a part of business as usual. Infosec expert and ‘cynic’ Javvad Malik interviews Neira Jones (@NeiraJones on Twitter), Head of [...]

Read More
Thumbnail image for How Safe is Your Credit Card Data?

How Safe is Your Credit Card Data?

by Cindy Valladares

Well, that depends on who is responsible for safeguarding your credit card information. This is a case study of how Point is providing better protection to its customers, merchants in Europe. Organization Point is the leading provider of electronic payment solutions in Europe, serving every type of business that require multi-channel payment capabilities: from small [...]

Read More

Using PCI Compliance As a Business Driver

by Cindy Valladares

Here at Tripwire we get many great customer success stories, so I’ve decided to start a series of blog posts that bring those stories to you. This week’s post focuses on a The Logic Group, a large payment processor in the UK. Organization The Logic Group solutions process in excess of three billion credit and [...]

Read More

PCI DSS Compliance: More Carrot and Less Stick?

by Cindy Valladares

Or a less sexy title: does compliance with mandates such as Payment Card Industry Data Security Standard (PCI DSS) help reduce risks for organizations (the carrot) even though it’s costly and the consequences of non-compliance even costlier (the stick)?

Read More

PCI DSS Picks Up a Missouri Accent with V2’s 11.5b: “Show Me”

by Cindy Valladares

We all know what PCI 11.5 says, right? At Tripwire it’s almost a corporate anthem: “Deploy file-integrity monitoring tools to alert personnel to unauthorized modification of critical system files, configuration files, or content files…” Ensuring the integrity of files and configurations is essential to IT security in general, and indispensable in protecting the cardholder information [...]

Read More

The implications of Visa’s new Technology Innovation Program (TIP)

by Cindy Valladares

A few days ago, Visa announced a new Technology Innovation Program (TIP) that will allow merchants outside of the United States to be exempt from having to validate for PCI DSS. This program will go into effect on March 31, 2011. The TIP program allows non-US merchants to discontinue their compliance with PCI DSS if [...]

Read More

← Previous Entries