A Beginner’s Guide to PCI Compliance

by Megan Freshley on April 23, 2019

PCI DSS, or the Payment Card Industry Data Security Standard, is the set of regulatory requirements that all organizations that process card payments must adhere to. Sounds simple enough, right? But PCI compliance can pose a major challenge to organizations if they’re not equipped with the proper knowledge and tools.

Let’s take a quick look at the basics of PCI compliance, what the actual requirements consist of and methods organizations can use to both pass their PCI audits and maintain a strong cybersecurity posture. After all, the point of PCI isn’t to tick a checkbox that says you’re compliant—it’s to protect cardholder data from malicious actors.

What Is PCI Compliance?

When the credit card industry moved into the digital space, it quickly realized the need to protect itself from digital fraud. Merchants and those responsible for handling the data needed to protect it in the same way they would protect physical currency.

Then, like now, there was a lack of cybersecurity expertise; credit card handlers knew they had to protect the data, but they didn’t necessarily know how. The major credit card companies had a vested interest in helping companies protect the data, and so each developed their own security standards.

At first, credit card companies came up with their own internal information security programs. The introduction of a centralized regulatory requirement helped unite these disparate programs under one umbrella. Version 1.0 was first introduced in 2004.

Its current iteration, 3.2.1, was released in 2018. The PCI Security Standards Council, founded in 2006, is now a global organization with far-reaching say on how business is done in the digital age. In addition to helping cardholders’ data stay in the right hands, PCI also helps card issuers and banks limit their liability in the event a merchant suffers (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Megan Freshley. Read the original post at: https://www.tripwire.com/state-of-security/regulatory-compliance/beginners-guide-pci-compliance/
