Will PCI Evolve Alongside Software Development Trends?

This week, I caught up with Joseph Feiman, Veracode’s Chief Innovation Officer and former Gartner analyst of 18 years, to discuss some of his key takeaways from the PCI Europe Community Meeting, which took place in Barcelona on October 24-26th. The three-day international seminar gathered community figures and merchants and members of the Council to share updates and insights on current trends and affairs in the payment industry, as well as best practices on how we can collaboratively better secure payment data. In this interview, we explored these lessons learned and analyzed the strategies organizations can consider adopting to increase the security posture of their applications. What insights affecting application development emerged at the PCI Europe Community Meeting? Numerous industry reports, such as Verizon’s Data Breach Investigations Report (DBIR), continue to place applications and web applications as primary attack vectors. Applications consistently remain easy to exploit, as new attack vectors bypass traditional mature security controls such as firewall or IPS/IDS tools, and often provide a direct path to business infrastructure and lucrative information. Those factors, combined with today’s growing attack surface due to the dependence on software through the payment processing lifecycle, mean security for the applications...
Read more