the State of Security

PCI

Using PCI Compliance As a Business Driver

by Cindy Valladares

Here at Tripwire we get many great customer success stories, so I’ve decided to start a series of blog posts that bring those stories to you. This week’s post focuses on a The Logic Group, a large payment processor in the UK. Organization The Logic Group solutions process in excess of three billion credit and [...]

Read More

How to Achieve Better Security

by Cindy Valladares

A few weeks ago I had the pleasure of interviewing Mike Dahn, Director of Risk and Compliance at PwC, and Josh Corman, Research Director of Enterprise Security at The 451 Group. The focus of our conversation was on what practical advice they could give to organizations that wanted to move beyond proving compliance validation to [...]

Read More

PCI DSS Compliance: More Carrot and Less Stick?

by Cindy Valladares

Or a less sexy title: does compliance with mandates such as Payment Card Industry Data Security Standard (PCI DSS) help reduce risks for organizations (the carrot) even though it’s costly and the consequences of non-compliance even costlier (the stick)?

Read More

Zombies Invade the 2011 RSA Conference at the Petcha Kutcha Event

by ~Previous Contributers

There is an event each year at the RSA Conference in San Francisco called Petcha Kutcha.  I had heard good things about it and it sounded a lot like Ignite so I decided to check it out.  According to Wikipedia this is what a Petcha Kutcha is: Pecha Kucha Night was devised in February 2003[2] by [...]

Read More

PCI DSS Picks Up a Missouri Accent with V2’s 11.5b: “Show Me”

by Cindy Valladares

We all know what PCI 11.5 says, right? At Tripwire it’s almost a corporate anthem: “Deploy file-integrity monitoring tools to alert personnel to unauthorized modification of critical system files, configuration files, or content files…” Ensuring the integrity of files and configurations is essential to IT security in general, and indispensable in protecting the cardholder information [...]

Read More

The implications of Visa’s new Technology Innovation Program (TIP)

by Cindy Valladares

A few days ago, Visa announced a new Technology Innovation Program (TIP) that will allow merchants outside of the United States to be exempt from having to validate for PCI DSS. This program will go into effect on March 31, 2011. The TIP program allows non-US merchants to discontinue their compliance with PCI DSS if [...]

Read More