Items Tagged with "PCI DSS"


49afa3a1bba5280af6c4bf2fb5ea7669

A PCI DSS Overview

April 16, 2010 Added by:Mike Meikle

As a consultant, you get to view the grim expanse of industry regulation more than most.  Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA) and of course the topic of this article, Payment Card Industry Data Security Standard (PCI DSS).

Comments  (0)


From the Web

19 more financial sector breaches from 2009

February 27, 2010 from: Office of Inadequate Security

Maryland has updated its web site to provide breach notifications that it has received since its last update.  The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010

Comments  (0)


From the Web

BJ’s, Bank Not Liable for Credit Card Fraud

December 15, 2009 from: Office of Inadequate Security

Cumis Insurance Society and the credit unions it insures have failed in their lawsuit against BJ’s Wholesale Club and Fifth Third Bank over a 2004 breach that affected 9.2 million cardholders.

Comments  (0)


From the Web

The Merchants Strike Back?

December 07, 2009 from: Office of Inadequate Security

With the recent news of several restaurants teaming up to sue point-of-sale system provider Radiant Systems (a copy of the complaint can be found here) for failing to comply with the PCI Standard, it appears that some merchants may be in a mood to strike back in the aftermath of a payment card security breach. This lawsuit comes in the wake of a couple lawsuits against payment card security assess...

Comments  (0)

B038fefd7a19c26505d1f0671609d8ce

Mitigating Risks by Leveraging a Core Business Process

October 20, 2009 Added by:Mike Cuppett

When it comes to audits and other compliance requirements - think Sarbanes-Oxley, PCI-DSS, internal and external audits, etc. - people tend to get a bit uptight and flustered. Fortunately, by keeping a calm head and a rational perspective, your reaction to these challenges can be cool and calm, allowing you to leverage a methodology you already know - risk mitigation.

Comments  (0)


From the Web

Visa releases End to End Best Practices! Big Kudos!!

October 06, 2009 from: hackyourself.net

Visa, always leading the charge for the card brands, has just released a new document on Data Field Encryption.  Visa’s Best Practices document, known as Data Field Encryption Version 1.0 is intended to provide guidance for companies building end to end (or point to point) encryption solutions.

Comments  (0)


From the Web

Royal Bank glitch allowed Visa customers to view others’ transactions

October 03, 2009 from: Office of Inadequate Security

The Royal Bank says it has fixed a computer security glitch that allowed some of its West Coast Visa customers to view transactions made by other cardholders.

Comments  (0)


From the Web

Cloud/SaaS will do for websites what PCI-DSS has not

October 02, 2009 from: Jeremiah Grossman's Blog

If a would-be Cloud/Software-as-a-Service (SaaS) customer is concerned about security, and they should be since their business is on the line, then security should be the vendors concern as well. Unless the Cloud/SaaS vendor is able to meet a customer’s minimum requirements, they risk losing the business to a competitor who can.

Comments  (1)


From the Web

What Star Trek Predicts About The Future of Information Security

September 18, 2009 from: Rsnake's blog at ha.ckers.org

I had a funny thought while talking with some folks from Intel about what the future state of of information security would look like and how that relates to what our favorite nerdy show, Star Trek, has to say on the topic. This is meant to be a funny post, but there may be some truth buried in here somewhere too. Without further ado:

Comments  (2)


From the Web

Commerce Bank replaces cards compromised in Heartland breach

September 18, 2009 from: Office of Inadequate Security

Dan Margolies reports that Commerce Bank in Kansas City is first replacing credit cards after a recent small wave of fraudulent activity was reported. The compromised cards were involved in the Heartland Payment Systems breach disclosed in January 2009.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Heartland Regains PCI Compliant Status

May 03, 2009 Added by:Anthony M. Freed

Heartland’s removal from the list of compliant payment processors had followed revelations that the company had suffered what may have been the largest data breach of payment card information to date, although details of the incident have not been made available due to ongoing investigations...

Comments  (5)

6d117b57d55f63febe392e40a478011f

Payment Card Industry Swallows Its Own Tail

April 01, 2009 Added by:Anthony M. Freed

The greatest threat to the survival of PCI DSS (Payment Card Industry Data Security Standard) may not be the ever-evolving tactics of the criminal hackers, but instead the dysfunctional nature of the relationships between the very parties the standards are meant to serve...

Comments  (2)

6d117b57d55f63febe392e40a478011f

Visa Puts Heartland on Probation Over Breach

March 13, 2009 Added by:Anthony M. Freed

HPS is now in a probationary period, during which it is subject to a number of risk conditions including more stringent security assessments, monitoring and reporting. Subject to these conditions, Heartland will continue to serve as a processor in the Visa system...

Comments  (1)

Page « < 8 - 9 - 10 - 11 - 12 > »