Search results

Blog

Category

The Failure of the PCI-DSS?

Recent events have caused people all over the information security community to question the efficacy of the PCI-DSS.  The Target breach has become a lightning rod for debate as to how well the PCI-DSS protects organizations. In a recent blog entry, Avivah Litan from...

Analysis of the New Requirements for PCI 3.0

The PCI –DSS 3.0 draft is out and the changes are significant.  However, when we parse out the new standard, there are really only six new requirements (and one of those is a just a augmenting an existing requirement).  Anitian analyzed these six new standards along...

PCI: I Find Your Lack of Scope Disturbing

Anybody who has spent more than a few nanoseconds working on PCI compliance invariably has been confronted with the mystical challenges of scope. What is considered in-scope for PCI compliance? How do you limit scope? And what constitutes the Cardholder Data...