New PCI regulation will include a heavy focus on multi-factor authentic, people, processes and encryption
The PCI SSC has pushed back the date by which members must change to a secure version of TLS (currently 1.1 or higher); the migration is being revised today and pushed back from June 2016 to June 2018.
Verizon's fourth annual report into PCI DSS compliance finds that not a single breached company over the last decade has been fully compliant with PCI standards at the time of breach. However, there is at least light at the end of the tunnel.
Compliance with PCI DSS 3.0 is primarily about enforcing everyday security best practices, but Stuart Facey notes that secure third party access is a key part of that approach.
Malware around since last year, but only now visible to anti-virus security software.
PCI compliance was called a 'gold standard' and 'secure baseline' at a conference in London today, but not all believe that it does enough to guard against data breaches.
Use of tokens is one of the ways we might limit the amount of sensitive data linked to our cards suggests Tim Critchley.
Cambridge University researchers have revealed "serious" flaws in chip-and-pin payment card security that, almost two years after they first reported them, have still not been fully fixed by the banks.
PCI compliance is like meeting food safefy standards, explains Tim Lansdale, its there for the benefit of customers.
PCI DSS 3.0 may be on the horizon, but a new study suggests that companies are not only slow in updating, but also approaching compliance in the wrong way.
A new point of sale-based Trojan called ChewBacca has been used to steal payment card and personal customer data from dozens of retailers across 11 countries, according to RSA.
Internal network analysis security would have stopped this attack - Peter Wood, Firstbase CEO
The latest PCI update offers improvements to ensure security in online transactions, says Tim Lansdale, head of payment security, WorldPay. Tony Morbin reports.
In a special one-off case study linking our themes of PCI compliance and security spend, Random Storm technical director and co-founder Andrew Mason describes to SC a case study that tackles both issues with the aid of league tables.
Nearly 100,000 Staysure customers may have had their personal details compromised.
It's a New Year with a new editor and new team members on SC. Thanks for the warm welcome from everyone we've met and we'll be talking to more of you throughout the year.
European Payment Services (EPS) in Berkshire has become the first vendor to have its point-to-point encryption (P2PE) hardware certified under global security standards used to protect consumer card data.
A company is challenging costly penalties levied for non-compliance of Payment Card Industry (PCI) security standards, by suing the credit card company that imposed the fines.
The PCI Security Standards Council (PCI SSC) is looking for feedback on its payment industry guidelines and plans to roll out an online tool to make providing input easier.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry