The PCI DSS 4.0 Deadline Has Passed, But There’s Still Time to Play Catchup

Compliance, PCI DSS
The deadline for PCI DSS 4.0 has been and gone. But it’s never too late to advance compliance plans. It’s not just about avoiding potentially large fines and other penalties. Following the standard to the letter helps ensure organizations are adhering to industry best practices, devised by some of the ...
Moving Past Compensating Controls: The Long-Term Value of Tokenization for PCI DSS

Compliance, PCI DSS
With the deadline for PCI DSS 4.0 compliance just around the corner, it’s decision time for organizations. For many, compensating controls are a godsend, introducing a degree of flexibility into what is otherwise a rigorous, demanding and heavily detailed standard. But while this approach can be a useful means of ...
Compensating Controls, Customized Approach and Tokenization in PCI DSS 4.0

Compliance, PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) has always been considered one of the most prescriptive industry mandates around. And well might it be, given what’s at stake. As breach volumes surge and threat actors find it ever easier to bypass traditional cyber-defenses, the card industry must ensure ...
How Infostealers Are Creating a Data Breach Epidemic

When threat actors get their hands on legitimate corporate credentials, it makes blocking unauthorized intrusions far more challenging. Yet that’s exactly what’s happening across the globe, thanks to the growing popularity of infostealer malware. The result is to feed the criminal supply chain with stolen data—fuelling follow-on fraud for customers ...
A Beginner’s Guide to PCI DSS 4.0: Requirements 10-12

Compliance, PCI DSS
PCI DSS 4.0 was designed 20 years ago to help reduce the risk of major breaches of card data at financial services firms, retailers and others that store, process and transmit this information. As the emergence of AI tooling and a sophisticated cybercrime supply chain tilt the advantage in threat ...
A Beginner’s Guide to PCI DSS 4.0: Requirements 5-9

Compliance, PCI DSS
Data breaches reached a record high in the US last year, impacting over 350 million individuals. According to one estimate, financial services firms suffered the second highest total of breaches in 2023: 744. It’s not hard to imagine why. In many cases, threat actors will have been focused on targeting ...
A Beginner’s Guide to PCI DSS 4.0: Requirements 1-4

Compliance, PCI DSS
Valid card data is highly sought-after on the cybercrime underground. In fact, it’s helping to drive a global epidemic in payment fraud predicted to reach $40bn by 2026. In a bid to stem losses, the card industry created the Payment Card Industry Data Security Standard (PCI DSS) over two decades ...
Innovation or Security? Solving the CIO’s Dilemma

The life of a CIO is not dissimilar to that of a trapeze artist. The reason we’re able to soar so high is because of the safety net beneath. Remove that, and the whole show comes crashing down to the ground. In a similar way, the only way we can ...
Why Tokenization Beats Transparent Data Encryption for PCI DSS Compliance

Cyber-threats are rapidly evolving and breaches are on the rise. That makes compliance with the Payment Card Industry Data Security Standard (PCI DSS) ever more critical for organizations handling sensitive payment card data. A key aspect of this framework is safeguarding data at rest – but the requirements are changing ...
Protect the Data to Avoid the Cost of Lost Business

Data breaches are growing in volume and cost. Estimates from non-profit the Identity Theft Resource Center (ITRC) reveal that 2023 was a record year for compromise in the US. Over 3,200 incidents impacted more than 353 million customers. The latest in a long line of annual reports from IBM has ...