Forty-one percent of merchants are relying on compensating controls to meet Payment Card Industry Data Security Standard (PCI DSS) requirements, according to a survey released Monday by the Ponemon Institute and commissioned by encryption firm Thales. The survey, which polled 155 qualified security security assessors, who are charged with confirming a company's adherence to PCI. Compensating controls "may be considered for most PCI DSS requirements when an entity cannot meet a requirement explicitly as stated, due to legitimate technical or documented business constraints," according to the PCI Security Standards Council. — DK
Several recommendations have been given by the Department of Homeland Security to simplify federal cyber incident reporting rules in an effort to ensure no additional burdens to cyberattack-hit organizations, reports The Record, a news site by cybersecurity firm Recorded Future.
U.S. global consumer and professional products manufacturer Clorox has disclosed the possibility of product shortages and delays due to widespread operational disruption linked to a cyberattack last month, ABC News reports.