In the past few weeks, I’ve received two replacement credit cards. And, no, this does not indicate I’ve done too much shopping! It means that hackers are continuing to target retailers and the bank decided I needed to be protected by new credit card numbers.
I’m Carol Ferrara-Zarb, and as the leader of Cisco’s Security Solutions team, I’m joining the Cisco Retail blog today to talk to you about security and compliance in the store. While consumers certainly worry about security, the concerns of retailers are magnified because you are among the highest-profile targets right now for professional hacker attacks. Store owners and operators are just about lying awake at night wondering who is going to be next.
At the same time, change is continuing on the security front, particularly in the area of PCI compliance. At the end of this calendar year, the new 3.0 version of the PCI DSS mandate will come into force. Are you ready for the new requirements?
If you’re a Cisco customer, you very well may be. Join us on July 23 for a free, one-hour webcast called, “Straight Talk about Reducing Complexity and Maintaining Compliance in Retail.” Cisco Security Architect Christian Janoff, who sits on the PCI Security Standards Council Board of Advisors, and Aaron Reynolds, PCI Managing Principal for Cisco partner Verizon, will lead a candid discussion on retail security. The session covers:
- The changes in the PCI DSS 3.0 mandate and their impact on your retail business
- How to satisfy three standards—PCI, SOX, and HIPAA—by configuring one control
- Implementing the latest, simplified strategies for PCI scope reduction, and how they can be superior to traditional methods for many retailers
You’ll come away with an overview of today’s threat landscape, and we’ll put it all into perspective to support your continued pursuit of compliance and retail success. Registrants will also receive the Simplifying Compliance Answer Kit, a set of documents and tools to help you understand compliance better.
The webcast takes place on July 23 at 10:00 am PT/1:00 pm ET. Please register today! Be sure to bring your questions to take part in the discussion.
We’ll see you there!
Tags: Carol Ferrara-Zarb, compliance, credit card, customer, data, HIPAA, information, pci, retail, security, shopper, sox, standard, threat, webcast
Earlier this week, we announced the Cisco Domain Ten framework 2.0, enhanced by great input from customers, partners, and Cisco’s well-earned experience of strategizing and executing IT transformation.
The enhanced Cisco Domain Ten framework helps customers drive better strategic decisions, providing greater focus on business outcomes, providing deeper analysis of hybrid cloud implications, and extending the framework beyond data center and cloud to include all IT transformation initiatives.
You may have read Stephen Speirs' earlier blogs about Cisco Domain Ten for cloud transformation. Today, let’s look at the key changes in the Cisco Domain Ten framework 2.0 from the original version. These changes have been adopted to enhance discussions on three themes:
- Highlight importance of public clouds as part of IT transformation and solutions using IaaS, PaaS, and SaaS within the data center and across the entire business.
- Addition of “Organization” in Domain 10 to bring together the business and technology focus for strategy discussions.
- Name changes for some domains to facilitate ease of alignment and discussion on overall IT transformation across multiple architectures and technology solutions such as ITaaS, collaboration, mobility, video, etc. for both enterprise and provider perspectives.
Tags: application, automation, catalog, cloud application, Cloud Computing, compliance, customer interface, data center, Domain 10, Domain Ten, financial, Governance, infrastructure, IT Tranformation, organization, platform, process, security, strategy, virtualization
The HIPAA Omnibus Final Rule, released January 2013, greatly expands the number of organizations that must comply with HIPAA beyond the known ‘Covered Entities.’
The Final Rule expands the definition of a Business Associate to include an organization that ‘creates, receives, transmits or maintains’ PHI. Adding the term ‘maintains’ into the definition makes a big difference and will include a lot more businesses than before. The Department of Health and Human Services (HHS) estimates that 250,000 – 500,000 additional entities will be considered a Business Associate and therefore must comply with HIPAA.
Tags: Cisco Compliance Solutions Framework, Cisco Security, compliance, covered entities, HIPAA, HIPAA omnibus final rule
Rogue access points and unauthorized access, DDoS or penetration attacks, evil twin attacks: all are mobile security issues that can keep you awake at night. But do you know the difference between compliance and enterprise security? Being compliant is not synonymous with being secure; that’s why our webcast on April 16 is focused on how to bridge the gap between PCI compliance and security to minimize the impact of an attack.
Tags: 11ac, 802.11ac, Cisco, Cisco Unified Access, compliance, Converged Access, gigabit, gigabit ethernet, gigabit Wi-Fi, LAN, mobile, mobility, network, pci, secure, security, wi-fi, wifi, wired, wireless, wlan
Organizations continue to face threats to their brands, reputations, and profits from attacks on their information systems. The Payment Card Industry Data Security Standard (PCI DSS) is designed to protect credit card information. During my five-year tenure at Cisco, I’ve been focused on PCI. The challenge that we have faced when deploying a solution to help customers become compliant and maintain a secure enterprise is the complexity. At the various trade shows that I have attended to discuss PCI, I have encountered a lot of head-shaking and looks of disgust as I bring up the topic of PCI. To help simplify PCI compliance, Cisco has released the latest Cisco Compliance Solution for PCI DSS 2.0 to make it easier for organizations to maintain a secure, compliant network.
Tags: compliance, Compliance Solution for PCI DSS 2.0, PCI Council Board of Advisors, pci-dss, security