Home » Data Protection » PCI and Compliance

PCI and Compliance

Compliance strategies for PCI-DSS, PCI PA-DSS, Sarbanes-Oxley, ISO27005, HIPAA, data breach notification and other security regulations and requirements

PCI and Compliance articles

Health care breach victims plummet

Tougher rules and big settlements are said to be behind the fall in affected clients, but one group calls it the 'calm before the storm'

» full story

Security and vulnerability assessment: 4 common mistakes

Uncovering problems and fixing security gaps can go awry with these oft-made blunders. Here are four examples of where vulnerabilities assessments typically go wrong

» full story

Little sympathy for merchants in disputes over PCI violations

Genesco files $13M suit, arguing penalties from banks processing credit-card payments occuring without evidence card data has been stolen

» full story

Taking copyright fight to ISPs too punitive, say critics

» full story

Payment Card Industry clears up confusion over cloud use

New Data Security Standards (DSS) for the cloud make clear the responsibilities of merchants and service providers

» full story

Nationwide/Allied security breach highlights litigation fears

Some experts believe civil litigation can become an effective deterrent to sloppy security at financial institutions

» full story

Heist once again highlights e-banking vulnerabilities

Commercial customers need to heed warnings from cyber thefts in Missouri, Maine

» full story

Courts widening view of data breach damages, lawyers say

Would make companies liable for steps taken to prevent financial harm, which might require then carrying insurance to cover identity theft

» full story

The race toward compliance is 'not optimal'

More security managers find themselves running compliance programs rather than performing security and risk management.

» full story

GRC: Trying to take the bite out of risk

Is governance, risk and compliance (GRC) software the right choice for your company?

» full story

» View all PCI and Compliance articles

PCI AND COMPLIANCE ESSENTIAL READING

How to efficiently manage security compliance with PCI DSS and other laws and regulations

Best Practices Guide for IT Governance & Compliance
Read this white paper to learn the steps for achieving compliance, the major provisions of four key regulations, and the best practices for deploying a compliance solution.
How to Get Ahead of the Compliance Curve
In a survey by IT Policy Compliance Group, a consortium dedicated to helping IT security professionals meet policy and compliance goals, 70% of all respondents reported being subject to multiple regulatory compliance mandates...
Exalogic and PCI Compliance - Implementing Oracle Exalogic in a Payment Card Environment
This paper is intended to examine the suitability of the Oracle Exalogic platform for securely hosting Payment Card Industry (PCI) applications in accordance with the PCI Data Security Standard (PCI DSS).
CSO's Digital Spotlight on GRC
Welcome to CSO's latest Digital Spotlight, an electronic edition of the magazine focusing on a single issue. This edition digs into Governance, Risk, and Compliance (GRC) - the process of getting a handle on these closely-related activities and requirements.

This issue includes three feature articles:

Take a Bite Out of Risk
Is GRC software right for your company?

Been There, Done That
CISOs share implementation tips gained from first-hand experience

What's Next for GRC?
How tools will continue to evolve to meet the complex GRC challenge

CSO's Digital Spotlights contain content you won't see anywhere else. These special supplements are sent only to our print subscribers.