November 19, 2012

PCI council issues guidance to help meet risk assessment piece

The PCI Security Standards Council, the body that manages payment security industries guidelines, on Friday released a methodology for meeting a risk management requirement included in the standard. The "PCI DSS Risk Assessment Guidelines Information Supplement" (PDF) was created to help organizations meet the PCI Data Security Standard's 12.1.2 provision, which mandates the establishment of a "formal process for identifying threats and vulnerabilities that could negatively impact the security of cardholder data."
Related Articles
Related Topics
Related Links
close

Next Article in News

More in News

Twitter begins rollout of two-factor authentication to limit account takeovers

Following a series of high-profile Twitter account hijacks, the microblogging service finally has delivered two-factor authentication.

Commission offers suggestions for stemming online spy threat from China

The 100-page report mostly addresses alleged Chinese cyber espionage operations, and suggests it's time for U.S. government agencies and corporations to consider more proactive approaches, possibly including hack-backs.

Researchers link "Sunshop" group to recent espionage attacks

The IE exploit was most recently used in watering hole attacks directed at the U.S. Department of Labor website.