In the past few weeks, I’ve received two replacement credit cards. And, no, this does not indicate I’ve done too much shopping! It means that hackers are continuing to target retailers and the bank decided I needed to be protected by new credit card numbers.
I’m Carol Ferrara-Zarb, and as the leader of Cisco’s Security Solutions team, I’m joining the Cisco Retail blog today to talk to you about security and compliance in the store. While consumers certainly worry about security, the concerns of retailers are magnified because you are among the highest-profile targets right now for professional hacker attacks. Store owners and operators are just about lying awake at night wondering who is going to be next.
At the same time, change is continuing on the security front, particularly in the area of PCI compliance. At the end of this calendar year, the new 3.0 version of the PCI DSS mandate will come into force. Are you ready for the new requirements?
If you’re a Cisco customer, you very well may be. Join us on July 23 for a free, one-hour webcast called, “Straight Talk about Reducing Complexity and Maintaining Compliance in Retail.” Cisco Security Architect Christian Janoff, who sits on the PCI Security Standards Council Board of Advisors, and Aaron Reynolds, PCI Managing Principal for Cisco partner Verizon, will lead a candid discussion on retail security. The session covers:
- The changes in the PCI DSS 3.0 mandate and their impact on your retail business
- How to satisfy three standards—PCI, SOX, and HIPAA—by configuring one control
- Implementing the latest, simplified strategies for PCI scope reduction, and how they can be superior to traditional methods for many retailers
You’ll come away with an overview of today’s threat landscape, and we’ll put it all into perspective to support your continued pursuit of compliance and retail success. Registrants will also receive the Simplifying Compliance Answer Kit, a set of documents and tools to help you understand compliance better.
The webcast takes place on July 23 at 10:00 am PT/1:00 pm ET. Please register today! Be sure to bring your questions to take part in the discussion.
We’ll see you there!
Tags: Carol Ferrara-Zarb, compliance, credit card, customer, data, HIPAA, information, pci, retail, security, shopper, sox, standard, threat, webcast
The Payment Card Industry (PCI) Security Standards Council (SSC) is an open global forum for the ongoing development, enhancement, storage, dissemination, and implementation of security standards for account data protection. The 2013 meeting will focus on the updates to core PCI standards: PCI DSS, PTS PA-DSS.
Getting the latest information about the PCI Data Security Standard (DSS) is vital as products and technologies continue to change at a rapid pace. Being part of the conversations, networking with like-minded professionals, and interacting directly with payment card brands are just a few of the benefits of attending the seventh annual PCI SSC North American Community Meeting. The meeting runs September 24–26, 2013, at the Mandalay Bay Convention Center in Las Vegas, Nevada.
Read More »
Tags: Compliance Solution for PCI DSS 2.0, pci, PCI Compliance, security
I have been participating in meetings with the Association of Retail Technology Standards (ARTS) since 2006 when Cisco joined as a member organization. ARTS, a division of the National Retail Federation, is an international membership organization dedicated to reducing the costs of technology through standards. Its mission is to develop best practices, technology standards and educational programs through collaboration and partnerships that will enable retailers, their vendors and suppliers to conduct business globally. ARTS standards, products and programs are dedicated to fostering innovation, improving shopper experience, and increasing retailer efficiency.
Read More »
Tags: ARTS, NRF, pci, retail
Rogue access points and unauthorized access, DDoS or penetration attacks, evil twin attacks – all mobile security issues that can keep you awake at night. But do you know the difference between compliance and enterprise security? Being compliant is not synonymous with being secure, that’s why our webcast on April 16, is focused on how to bridge the gap between PCI compliance and security to minimize the impact of an attack.
Read More »
Tags: 11ac, 802.11ac, Cisco, Cisco Unified Access, compliance, Converged Access, gigabit, gigabit ethernet, gigabit Wi-Fi, LAN, mobile, mobility, network, pci, secure, security, wi-fi, wifi, wired, wireless, wlan
As part of Cisco’s Compliance team, I’ve monitored organizational breaches and attacks. If you’re like me and follow media reports and industry news, then you know that data breaches have increased in severity and frequency. Unfortunately, many organizations do not have the tools, personnel, and funding to prevent, quickly detect, and contain data breaches. The Payment Card Industry (PCI) Security Standards Council offers robust and comprehensive standards to enhance payment card data security. According to Ponemon Institute, organizations that are PCI compliant have fewer data breaches than non-compliant firms do. However, we know that PCI compliance is not enough. Even if you’ve met the stringent requirements of PCI DSS 2.0, your cardholder data may not be totally secure.
So, how can organizations maintain compliance and end-to-end security? The Compliance Solution team has gathered thought leaders in the payment card industry to offer research, guidance and best practices to help organizations overcome these challenges.
Join our webcast on April 16, 2013, with PCI experts from the Ponemon Institute, Verizon Business, and the PCI Security Standards Council to learn how Cisco can help bridge the gap between PCI compliance and security to minimize the impact of an attack. Read More »
Tags: compliance solutions, payment card industry, pci, PCI DSS 2.0, PCI security standards council