The PCI Council has unveiled new guidance for mitigating payment card risks posed by third parties. Troy Leach, the council's CTO, explains how banking institutions and merchants can put the guidance to use.
Federal authorities say the successful prosecution of a member of an international cybercrime ring proves progress is being made in shuttering ATM cash-out schemes. But some experts say processors and prepaid cards will continue to be targeted by attackers.
A class action suit against breached restaurant chain P.F. Chang's China Bistro is unlikely to succeed, some security experts say, because proving consumer losses linked to specific merchant data breaches is difficult.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
A class action lawsuit filed by two banks against Target in the wake of its 2013 breach has an unusual twist: It seeks damages from Target and Trustwave, allegedly the retailer's qualified security assessor. Experts offer an analysis.
In the second full day of RSA 2014, ISMG's editors record exclusive video interviews with Troy Leach of the PCI Council, Adam Sedgewick of NIST and Gartner's Avivah Litan. What insights do these thought-leaders share?
Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.
As Congressional leaders look for answers about why U.S. card security is failing, there hasn't been enough discussion surround why EMV can't easily fix our system. And the card brands have been conspicuously absent from the debate.
The PCI Security Standards Council has no plans to modify its standards for payment card data security in response to high-profile payment card breaches at Target and Neiman Marcus, says Bob Russo, the council's general manager.
Target Corp.'s revelation that personal information about up to 70 million customers was breached in a recent malware attack raises new questions about Target's security practices and risks to consumers.
Version 3.0 of the PCI Data Security Standard goes into effect Jan. 1, 2014. What steps should organizations be taking to prepare for implementation of the standard? Troy Leach and Bob Russo of the PCI Security Standards Council explain.