Security research, news and guidance

Category Archives: PCI DSS

News and posts relating to the PCI DSS

Heartland to sue competitors who exploit their loss of compliance

March 26, 2009 | Written by admin | Application Security, Data Loss, Hacking, PCI DSS

Just a quick note to point you over to a story on Computerworld. In short: “Heartland Payment Systems Inc. is warning rivals of possible legal action if they don’t stop trying to lure away its customers by hinting that continuing to do business with the breached payment processor could expose companies to fines by Visa Inc. for noncompliance with the PCI data security rules. In a message posted on Heartland’s Web site on Monday, … Read more >

Prioritising PCI Requirements

March 17, 2009 | Written by admin | PCI DSS

Hi everyone, I have been distracted in the past week by the Facebook flaw and I have overlooked a couple of posts I should have made. The first one is the release of the PCI Council’s prioritised approach for PCI DSS 1.2. The council seems to have done a very good job here: the Excel sheet you can download for free serves as a compliance tracking tool which I will be using myself going forward … Read more >

Two updates on the “new” payment processor breach

February 28, 2009 | Written by admin | Data Loss, Hacking, PCI DSS | 1 Comment

Hi everyone, after a lot of speculation around a new data breach it appears that it might not be a new payments processor after all. In the last few days people had begun to speculate that this wasn’t another payments processor who had been breached but it was a breach of data at a processor who had already been breached once. If Visa had been so adamant in pointing out that it wasn’t Heartland then … Read more >

PCI council devises a 12-step program for meeting security standards

February 28, 2009 | Written by admin | PCI DSS

The PCI Council will be releasing a list of 12 milestones for businesses to address on the way to becoming PCI compliant. The list will contain milestones such as removing unnecessary sensitive data (do people really need to be told that?) from systems. The full article explaining the milestones can be found here. I think the most interesting point in the article is from Bob Russo of the PCI Council, who said: “Businesses that are … Read more >
