The Payment Card Industry (PCI) Security Standards Council (SSC) is an open global forum for the ongoing development, enhancement, storage, dissemination, and implementation of security standards for account data protection. The 2013 meeting will focus on the updates to core PCI standards: PCI DSS, PTS PA-DSS.
Getting the latest information about the PCI Data Security Standard (DSS) is vital as products and technologies continue to change at a rapid pace. Being part of the conversations, networking with like-minded professionals, and interacting directly with payment card brands are just a few of the benefits of attending the seventh annual PCI SSC North American Community Meeting. The meeting runs September 24–26, 2013, at the Mandalay Bay Convention Center in Las Vegas, Nevada.
Read More »
Tags: Compliance Solution for PCI DSS 2.0, pci, PCI Compliance, security
I have been participating in meetings with the Association of Retail Technology Standards (ARTS) since 2006 when Cisco joined as a member organization. ARTS, a division of the National Retail Federation, is an international membership organization dedicated to reducing the costs of technology through standards. Its mission is to develop best practices, technology standards and educational programs through collaboration and partnerships that will enable retailers, their vendors and suppliers to conduct business globally. ARTS standards, products and programs are dedicated to fostering innovation, improving shopper experience, and increasing retailer efficiency.
Read More »
Tags: ARTS, NRF, pci, retail
Rogue access points and unauthorized access, DDoS or penetration attacks, evil twin attacks – all mobile security issues that can keep you awake at night. But do you know the difference between compliance and enterprise security? Being compliant is not synonymous with being secure, that’s why our webcast on April 16, is focused on how to bridge the gap between PCI compliance and security to minimize the impact of an attack.
Read More »
Tags: 11ac, 802.11ac, Cisco, Cisco Unified Access, compliance, Converged Access, gigabit, gigabit ethernet, gigabit Wi-Fi, LAN, mobile, mobility, network, pci, secure, security, wi-fi, wifi, wired, wireless, wlan
As part of Cisco’s Compliance team, I’ve monitored organizational breaches and attacks. If you’re like me and follow media reports and industry news, then you know that data breaches have increased in severity and frequency. Unfortunately, many organizations do not have the tools, personnel, and funding to prevent, quickly detect, and contain data breaches. The Payment Card Industry (PCI) Security Standards Council offers robust and comprehensive standards to enhance payment card data security. According to Ponemon Institute, organizations that are PCI compliant have fewer data breaches than non-compliant firms do. However, we know that PCI compliance is not enough. Even if you’ve met the stringent requirements of PCI DSS 2.0, your cardholder data may not be totally secure.
So, how can organizations maintain compliance and end-to-end security? The Compliance Solution team has gathered thought leaders in the payment card industry to offer research, guidance and best practices to help organizations overcome these challenges.
Join our webcast on April 16, 2013, with PCI experts from the Ponemon Institute, Verizon Business, and the PCI Security Standards Council to learn how Cisco can help bridge the gap between PCI compliance and security to minimize the impact of an attack. Read More »
Tags: compliance solutions, payment card industry, pci, PCI DSS 2.0, PCI security standards council
As a frequent attendee of the US RSA Conference in the past, this year I had the opportunity to work in the Cisco booth on the exhibition floor. This year’s RSA event was very busy, it seemed like there was a continuous flow of people and energy across the show floor. I had the pleasure of staffing Cisco’s Compliance Solution demonstration where we test people’s knowledge of PCI compliance. This is one of my favorite demos/stations to operate because it rewards people for their hard learned knowledge and skill on the topic with a prize instead of the normal random drawing (if you get the highest score in the shortest amount of time, you’re the winner!). I was surprised by the number of attendees that did not want to take our quiz. Was it a fear of being put on the spot? Or were they just not very knowledgeable about PCI? I consider the RSA conference as a security minded conference and thought a solid business driver like PCI Compliance would be front and center for many security professionals that often have to justify security purchases. Further, given the proliferation of data breaches across all industry segments, this should be a top of mind topic. Many industries outside of retail accept credit cards for payment of services and products (e.g., hospital co-pays, DMV fees, city permits, Insurance payments, hotels, transit stations) so when all three days of the quiz were won by retailers I was a bit surprised. I would have expected a few security vendors or professionals to have won at least one day! Read More »
Tags: Cisco PCI Solution architectures, pci, PCI Compliance, RSA 2013, security